Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:25441
HistoryMay 15, 2020 - 6:05 a.m.

Cross-site Scripting (XSS)

2020-05-1506:05:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
cross-site scripting activemq-web-console browse.jsp vulnerability javascriptinjection

EPSS

0.003

Percentile

70.9%

activemq-web-console is vulnerable to cross-site scripting (XSS). The vulnerability exists as the values of row.properties in browse.jsp is not properly validated, allowing a remote attacker to inject and execute arbitrary Javascript into a user’s browser via the affected parameters.

Affected configurations

Vulners
Node
-activemq_\Match\_web_console
VendorProductVersionCPE
-activemq_\cpe:2.3:a:-:activemq_\:\:_web_console:*:*:*:*:*:*:*:*