Lucene search
HistoryFeb 05, 2014 - 6:55 p.m.
CVE-2013-1880
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
8
Confidence
High
EPSS
0.032
Percentile
91.2%
Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet in the demo web application in Apache ActiveMQ before 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the refresh parameter to demo/portfolioPublish, a different vulnerability than CVE-2012-6092.
Affected configurations
Node
apacheactivemqRangeβ€5.8.0
ORapacheactivemqMatch5.0.0
ORapacheactivemqMatch5.1.0
ORapacheactivemqMatch5.2.0
ORapacheactivemqMatch5.3.0
ORapacheactivemqMatch5.3.1
ORapacheactivemqMatch5.3.2
ORapacheactivemqMatch5.4.0
ORapacheactivemqMatch5.4.1
ORapacheactivemqMatch5.4.2
ORapacheactivemqMatch5.5.0
ORapacheactivemqMatch5.5.1
ORapacheactivemqMatch5.6.0
ORapacheactivemqMatch5.7.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apache | activemq | * | cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* |
| apache | activemq | 5.0.0 | cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:* |
| apache | activemq | 5.1.0 | cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:* |
| apache | activemq | 5.2.0 | cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:* |
| apache | activemq | 5.3.0 | cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:* |
| apache | activemq | 5.3.1 | cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:* |
| apache | activemq | 5.3.2 | cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:* |
| apache | activemq | 5.4.0 | cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:* |
| apache | activemq | 5.4.1 | cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:* |
| apache | activemq | 5.4.2 | cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:* |
Related
debiancve
debiancve
CVE-2013-1880
2014-02-05 18:55:06
CVE-2012-6092
2013-04-21 21:55:01
ubuntucve
ubuntucve
CVE-2013-1880
2014-02-05 00:00:00
CVE-2012-6092
2013-04-21 00:00:00
prion
prion
Cross site scripting
2014-02-05 18:55:00
Cross site scripting
2013-04-21 21:55:00
cvelist
cvelist
CVE-2013-1880
2014-02-05 18:00:00
CVE-2012-6092
2013-04-21 21:00:00
github
github
Apache ActiveMQ Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet
2022-05-17 03:46:32
Cross-site Scripting in Apache ActiveMQ
2022-05-17 03:46:33
osv
osv
Apache ActiveMQ Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet
2022-05-17 03:46:32
Cross-site Scripting in Apache ActiveMQ
2022-05-17 03:46:33
cve
cve
CVE-2013-1880
2014-02-05 18:55:06
CVE-2012-6092
2013-04-21 21:55:01
veracode
veracode
Cross-Site Scripting (XSS)
2019-03-25 08:40:44
Cross-site Scripting (XSS)
2019-03-25 08:40:43
seebug
seebug
Apache ActiveMQ web demosε€δΈͺθ·¨η«θζ¬ζΌζ΄(CVE-2012-6092)
2013-04-24 00:00:00
redhat
redhat
(RHSA-2013:1029) Important: Fuse MQ Enterprise 7.1.0 update
2013-07-09 00:00:00
nvd
nvd
CVE-2012-6092
2013-04-21 21:55:01
openvas
openvas
Apache ActiveMQ < 5.9.0 Multiple Cross Site Scripting Vulnerabilities
2013-08-13 00:00:00
Apache ActiveMQ Multiple Vulnerabilities
2013-04-27 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
8
Confidence
High
EPSS
0.032
Percentile
91.2%
Related for NVD:CVE-2013-1880