Apache ActiveMQ Cross Site Scripting

`Vulnerability Info:  
  
26/04/2010 Issue Discovered 26/04/2010 Vendor Notified  
  
27/04/2010 Vendor Conformed Class: Cross-Site Scripting (Input validation)  
  
  
Severity: Medium  
  
Overview:  
---------  
Apache ActiveMQ is prone to cross-site scripting vulnerability.  
  
Technical Description:  
----------------------  
The issue is caused due to the problem in Jetty's error handler that doesn't escape the message.  
  
Impact:  
--------  
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.  
  
Affected Software:  
------------------  
Apache ActiveMQ 5.3.x versrions are affected with this issue.  
  
Not Affected Software:  
----------------------  
Apache ActiveMQ 5.4-SNAPSHOT  
  
  
Proof of Concept:  
-----------------  
http://localhost:8161/admin/ueueBrowse/example.A?view=rss&feedType=<script>alert("ACTIVEMQ")</script>  
  
Workaround:  
-----------  
https://issues.apache.org/activemq/browse/AMQ-2714  
  
CVSS Score Report:  
ACCESS_VECTOR = NETWORK  
ACCESS_COMPLEXITY = Medium  
AUTHENTICATION = NOT REQUIRED  
CONFIDENTIALITY_IMPACT = PARTIAL  
INTEGRITY_IMPACT = PARTIAL  
AVAILABILITY_IMPACT = NONE  
EXPLOITABILITY = PROOF_OF_CONCEPT  
REMEDIATION_LEVEL = WORKAROUND  
REPORT_CONFIDENCE = CONFIRMED  
CVSS Base Score = 5.8 (AV:N/AC:L/Au:NR/C:P/I:P/A:N)  
CVSS Temporal Score = 4.9  
  
  
Credits:  
--------  
Arun Kethipelly of Qualys, Inc  
`