2 matches found
qpid-cpp: qpid authentication bypass
It was found that the Apache Qpid daemon qpidd treated AMQP connections with the federationtag attribute set as a broker-to-broker connection, rather than a client-to-server connection. This resulted in the source user ID of messages not being checked. A client that can establish an AMQP connecti...
Multiple 04WebServer security vulnerabilities
Crossite scripting, user identification bypass...