Apache ActiveMQ Sensitive Information Disclosure via the Jetty ResourceHandler

The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // slash slash initial substring in a URI for 1 admin/index.jsp, 2 admin/queues.jsp, or 3 admin/topics.jsp...

CVE-2010-1587

The CVE-2010-1587 issue affects Apache ActiveMQ with the Jetty ResourceHandler. It enables a remote attacker to disclose JSP source code by sending a URI beginning with // that targets (admin/index.jsp, admin/queues.jsp, or admin/topics.jsp). Affected products/versions are ActiveMQ 5.x before 5.3...