(RHSA-2013:1286) Moderate: Red Hat JBoss Fuse/A-MQ 6.0.0 patch 3

Red Hat JBoss Fuse 6.0.0, based on Apache ServiceMix, provides an
integration platform. Red Hat JBoss A-MQ 6.0.0, based on Apache ActiveMQ,
is a standards compliant messaging system that is tailored for use in
mission critical applications.

Red Hat JBoss Fuse/A-MQ 6.0.0 patch 3 is an update to Red Hat JBoss Fuse
6.0.0 and Red Hat JBoss A-MQ 6.0.0, including bug fixes. Refer to the
readme file included with the patch files for information about these
fixes.

The following security issues are also resolved with this update:

Multiple stored cross-site scripting (XSS) flaws were found in the Fuse
Management Console. A remote attacker could use these flaws to perform an
XSS attack against other users of the Fuse Management Console.
(CVE-2013-4372)

All users of Red Hat JBoss Fuse 6.0.0 and Red Hat JBoss A-MQ 6.0.0 as
provided from the Red Hat Customer Portal are advised to apply this patch.