Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2020-13947 - XSS in Apache ActiveMQ WebConsole

Related Vulnerabilities: CVE-2020-13947  
Source 
                							

                <!--X-Body-Begin-->
<!--X-User-Header-->

oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->

By Date

By Thread

</form>

<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
CVE-2020-13947 - XSS in Apache ActiveMQ WebConsole

<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->

From: Jean-Baptiste Onofre &lt;jb () nanthrax net&gt;

Date: Mon, 8 Feb 2021 06:25:40 +0100

<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->

<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
CVE-2020-13947 - XSS in WebConsole

Severity: Medium

Vendor:
The Apache Software Foundation

Versions Affected:
Apache ActiveMQ prior to 5.15.12 and 5.16.0

Description:
An instance of a cross-site scripting
vulnerability was identified to be present in the web based
administration console on the message.jsp page of Apache ActiveMQ
versions 5.15.12 to 5.16.0.

Mitigation:
Upgrade to at least Apache ActiveMQ 5.15.13 or 5.16.1

Credit:
This issue was discovery by:

* qiang qiang &lt;silbul2017 () gmail com&gt;

<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->

<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->

By Date

By Thread

Current thread:

CVE-2020-13947 - XSS in Apache ActiveMQ WebConsole Jean-Baptiste Onofre (Feb 07)

<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started