It was found that JBoss A-MQ's Hawtio console setting for the Access-Control-Allow-Origin header permits unrestricted sharing (allow all). An attacker could use this flaw to access sensitive information or perform other attacks.
Find out more about CVE-2015-5184 from the MITRE CVE dictionary dictionary and NIST NVD.