15 matches found
Astra Linux - уязвимость в rabbitmq-server
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI through the rabbitmqfederationmanagement plugin, its consumer tag was rendered without proper tag sanitization. This potentially allows for...
EUVD-2021-19505
Malware in sbrugna...
USN-7143-1: RabbitMQ Server vulnerabilities
Christian Rellmann discovered that RabbitMQ Server did not properly sanitize user input when adding a new user via the management UI. An attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. CVE-2021-32718 Fahimhusain Raydurg discovered that...
Ubuntu 20.04 LTS : RabbitMQ Server vulnerabilities (USN-7143-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7143-1 advisory. Christian Rellmann discovered that RabbitMQ Server did not properly sanitize user input when adding a new user via the management UI. An attacker could...
SUSE CVE-2019-11281
Pivotal RabbitMQ, versions prior to v3.7.18, and RabbitMQ for PCF, versions 1.15.x prior to 1.15.13, versions 1.16.x prior to 1.16.6, and versions 1.17.x prior to 1.17.3, contain two components, the virtual host limits page, and the federation management UI, which do not properly sanitize user...
SUSE CVE-2021-32719
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the rabbitmqfederationmanagement plugin, its consumer tag was rendered without proper tag sanitization. This potentially allows for...
DEBIAN-CVE-2021-32719
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the rabbitmqfederationmanagement plugin, its consumer tag was rendered without proper tag sanitization. This potentially allows for...
CVE-2021-32719
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the rabbitmqfederationmanagement plugin, its consumer tag was rendered without proper tag sanitization. This potentially allows for...
UBUNTU-CVE-2021-32719
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the rabbitmqfederationmanagement plugin, its consumer tag was rendered without proper tag sanitization. This potentially allows for...
CVE-2021-32719 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in RabbitMQ federation management plugin
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the rabbitmqfederationmanagement plugin, its consumer tag was rendered without proper tag sanitization. This potentially allows for...
CVE-2021-32719
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the rabbitmqfederationmanagement plugin, its consumer tag was rendered without proper tag sanitization. This potentially allows for...
PT-2021-3479 · Rabbitmq +5 · Rabbitmq +5
Name of the Vulnerable Software and Affected Versions: RabbitMQ versions prior to 3.8.18 Description: The issue arises from the rabbitmq federation management plugin in RabbitMQ, where a federation link's consumer tag is rendered without proper sanitization of tags in the management UI. This...
Pivotal RabbitMQ < 3.7.18 Cross Site Scripting (XSS) Vulnerability
According to its self-reported version, the version of Pivotal RabbitMQ running on the remote web server is prior to 3.7.18. It is, therefore, affected by cross site scripting XSS vulnerability. A cross-site scripting XSS vulnerability exists in two components, the virtual host limits page, and t...
rabbitmq-server: improper sanitization of vhost limits and federation management UI pages
A vulnerability was found in the rabbitmq-server. User input for the virtual host limits page and the federation management UI was not properly sanitized. A remote, authenticated administrative user could create a cross-site scripting attack leading to access to virtual hosts and policy managemen...
UBUNTU-CVE-2019-11281
Pivotal RabbitMQ, versions prior to v3.7.18, and RabbitMQ for PCF, versions 1.15.x prior to 1.15.13, versions 1.16.x prior to 1.16.6, and versions 1.17.x prior to 1.17.3, contain two components, the virtual host limits page, and the federation management UI, which do not properly sanitize user...