Lucene search

K

GoogleOSV:GHSA-9CVR-8XQ4-2M73

HistoryMay 14, 2022 - 1:14 a.m.

Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ

2022-05-1401:14:52

Google

osv.dev

12

0.007 Low

EPSS

Percentile

80.3%

Multiple cross-site scripting (XSS) vulnerabilities in the web based administration console in Apache ActiveMQ 5.x before 5.10.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
org.apache.activemq:activemq-clienteq5.9.0
org.apache.activemq:activemq-clienteq5.8.0
org.apache.activemq:activemq-clienteq5.9.1
org.apache.activemq:activemq-clienteq5.10.0

References

activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt

seclists.org/oss-sec/2015/q1/427

exchange.xforce.ibmcloud.com/vulnerabilities/100724

github.com/apache/activemq

github.com/apache/activemq/commit/994d9b26

github.com/apache/activemq/commit/f8b3de86d8154db5680433e46734b2bd9ced852b

issues.apache.org/jira/browse/AMQ-5033

lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E

lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

nvd.nist.gov/vuln/detail/CVE-2014-8110

web.archive.org/web/20161110092459/secunia.com/advisories/62649

web.archive.org/web/20200228044455/www.securityfocus.com/bid/72511

0.007 Low

EPSS

Percentile

80.3%

Related for OSV:GHSA-9CVR-8XQ4-2M73

nvd1 cve1 ubuntucve1 debiancve1 github1 prion1 cvelist1 openvas2 nessus3 ibm7