[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2022-35278: Apache ActiveMQ Artemis: HTML Injection in ActiveMQ Artemis Web Conso
From: Justin Bertram <jbertram () apache ! org>
Date: 2022-08-17 20:42:09
Message-ID: CAF+kE=S3-PVFZA2zGQBBuFsAsosXwZ04ONy3g10-SJqGCZywEQ () mail ! gmail ! com
[Download RAW message or body]
Description:
An attacker could show malicious content and/or redirect users to a
malicious URL in the web console by using HTML in the name of an address or
queue.
Mitigation:
Upgrade to Apache ActiveMQ Artemis 2.24.0.
Credit:
Apache ActiveMQ would like to thank Yash Pandya (Digital14), Rajatkumar
Karmarkar (Digital14), and Likhith Cheekatipalle (Digital14) for reporting
this issue.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic