5 matches found
EUVD-2022-5211
Malicious code in bioql PyPI...
Cross-Site Scripting (XSS)
apache activemq is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a victim's browser via the refresh parameter to PortfolioPublishServlet.java, and through debug logs or subscribe messages in webapp/websocket/chat.js...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via 1 the refresh parameter to PortfolioPublishServlet.java aka demo/portfolioPublish or Market Data Publisher, or vectors involving 2...
CVE-2012-6092
Multiple cross-site scripting XSS vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via 1 the refresh parameter to PortfolioPublishServlet.java aka demo/portfolioPublish or Market Data Publisher, or vectors involving 2...
PT-2013-1884 · Apache · Apache Activemq
Name of the Vulnerable Software and Affected Versions: Apache ActiveMQ versions prior to 5.8.0 Description: The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting XSS attacks. This can be achieved through various vectors, including th...