Apache ActiveMQ 5.x < 5.15.12 XSS (CVE-2020-1941)

The version of Apache ActiveMQ running on the remote host is 5.x prior to 5.15.12. It is, therefore, affected by a cross-site scripting XSS vulnerability in the webconsole admin GUI. An unauthenticated, remote attacker can exploit this issue, by convincing a user to click a specially crafted URL,...

GHSA-CC94-3V9C-7RM8 Apache ActiveMQ webconsole admin GUI is open to XSS

In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue...

CVE-2020-1941

CVE-2020-1941 affects Apache ActiveMQ (versions 5.0.0–5.15.11). The connected Nessus entry for this CVE confirms an XSS flaw in the ActiveMQ web console (admin GUI) specifically in the view that lists the contents of a queue. Root cause details are not elaborated beyond the XSS indication in the ...

Cross-Site Scripting (XSS)

activemq-web-console is vulnerable to cross-site scripting XSS. An attacker is able to inject and execute arbitrary Javascript in a user's browser via the listing of queue contents in the admin GUI...

Unspecified Vulnerability in Oracle GlassFish Server (CNVD-2017-31314)

Oracle Fusion Middleware Oracle Fusion Middleware is the United States Oracle Oracle company's set of business innovation platform for enterprise and cloud environments. The platform provides middleware, software collection and other functions. Oracle GlassFish Server is one of the components tha...