Lucene search
+L

8 matches found

osv
osv
added 2022/02/09 10:14 p.m.23 views

GHSA-3H2H-XQR2-2JP7 Cross-site Scripting (XSS) in Apache ActiveMQ Artemis

In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console's browser. The XSS payload is triggered in the diagram plugin; queue node and th...

6.1CVSS6.2AI score0.04312EPSS
Exploits0References8
github
github
added 2022/02/09 10:14 p.m.25 views

Cross-site Scripting (XSS) in Apache ActiveMQ Artemis

In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console's browser. The XSS payload is triggered in the diagram plugin; queue node and th...

6.1CVSS3.3AI score0.04312EPSS
Exploits0References9Affected Software1
redhat
redhat
added 2020/12/08 8:55 a.m.5 views

activemq: remote XSS in web console diagram plugin

A flaw was found in activemq. A specifically crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console's browser. The XSS payload is triggered in the diagram plugin; queue node and the info...

6.1CVSS5.8AI score0.04312EPSS
Exploits0References4
cnvd
cnvd
added 2020/07/21 12:0 a.m.5 views

Apache ActiveMQ Web console Diagram Plugin Cross-Site Scripting Vulnerability

Apache ActiveMQ is the United States Apache Apache Software Foundation of a set of open source messaging middleware , which supports Java messaging services , clustering , Spring Framework , etc. Web console is one of the Web console . Apache ActiveMQ Artemis version 2.5.0 to 2.13.0 version of th...

6.1CVSS6.5AI score0.04312EPSS
Exploits0References1
nvd
nvd
added 2020/07/20 10:15 p.m.16 views

CVE-2020-13932

In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console's browser. The XSS payload is triggered in the diagram plugin; queue node and th...

6.1CVSS6AI score0.04312EPSS
Exploits0References4
osv
osv
added 2020/07/20 10:15 p.m.35 views

CVE-2020-13932

In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console's browser. The XSS payload is triggered in the diagram plugin; queue node and th...

6.1CVSS5.9AI score0.04312EPSS
Exploits0References4
prion
prion
added 2020/07/20 10:15 p.m.21 views

Cross site scripting

In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console's browser. The XSS payload is triggered in the diagram plugin; queue node and th...

4.3CVSS6.1AI score0.04312EPSS
Exploits0References4Affected Software1
ptsecurity
ptsecurity
added 2020/07/20 12:0 a.m.13 views

PT-2020-13788

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ Artemis versions 2.5.0 through 2.13.0 Description A specially crafted MQTT packet with an XSS payload as client-id or topic name can exploit this issue. The XSS payload is injected into the admin console's browser and is...

6.1CVSS6.6AI score0.04312EPSS
Exploits0References11
Rows per page
Query Builder