4 matches found
Security Bulletin: Security vulnerabilities in ActiveMQ 5.2.0 affect IBM Sterling B2B Integrator (CVE-2015-1830, CVE-2014-8110, CVE-2013-3060, CVE-2013-1880, CVE-2013-1879, CVE-2012-6551, CVE-2012-6092, CVE-2010-1587, CVE-2010-1244, CVE-2010-0684)
Summary Multiple directory traversal, cross-site scripting, denial of service and cross-site request forgery security vulnerabilities in ActiveMQ 5.2.0. IBM Sterling B2B Integrator has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-1830 DESCRIPTION: Apache ActiveMQ could all...
CVE-2013-1880
Cross-site scripting XSS vulnerability in the Portfolio publisher servlet in the demo web application in Apache ActiveMQ before 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the refresh parameter to demo/portfolioPublish, a different vulnerability than CVE-2012-6092...
CVE-2013-1880
CVE-2013-1880 (ActiveMQ) : XSS in the Portfolio publisher servlet of the Apache ActiveMQ demo web app prior to 5.9.0. By supplying a crafted value to the refresh parameter of demo/portfolioPublish, an attacker can inject arbitrary script/HTML. Root cause: improper validation/neutralization of inp...
Important: Red Hat Security Advisory: Fuse MQ Enterprise 7.1.0 update
Fuse MQ Enterprise 7.1.0 roll up patch 1, which fixes multiple security issues and various bugs, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores,...