3 matches found
GHSA-2JP3-2923-9H52 Apache ActiveMQ Vulnerable to Cross-site Scripting
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. An authenticated attacker can show malicious content when browsing queues in the web console by overriding the content type to be HTML instead of XML and by injecting...
DoS (Denial of Service) in Crowd Data Center
This High severity DoS Denial of Service vulnerability was introduced in version 6.3.1 of Crowd Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7, allows an attacker to cause a resource to be unavailable for its intended users by temporarily or indefinitely disruptin...
Arbitrary File Upload
Overview com.liferay.portal:portal-service is a portal service package for Liferay. Affected versions of this package are vulnerable to Arbitrary File Upload which allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists. Workaround Use the portal.property...