Published: 12/02/2015 Updated: 13/02/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in the web based administration console in Apache ActiveMQ 5.x prior to 5.10.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache activemq 5.3.0
apache activemq 5.8.0
apache activemq 5.4.3
apache activemq 5.4.0
apache activemq 5.5.1
apache activemq 5.4.1
apache activemq 5.9.0
apache activemq 5.3.1
apache activemq 5.2.0
apache activemq 5.7.0
apache activemq 5.0.0
apache activemq 5.10.0
apache activemq 5.1.0
apache activemq 5.5.0
apache activemq 5.3.2
apache activemq 5.9.1
apache activemq 5.6.0
apache activemq 5.4.2

Debian Bug report logs - #777196 activemq: CVE-2014-8110 CVE-2014-3612 CVE-2014-3600 Package: activemq; Maintainer for activemq is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Source for activemq is src:activemq (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Fr ...

Multiple cross-site scripting (XSS) vulnerabilities in the web based administration console in Apache ActiveMQ 5x before 5101 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors ...

CWE-79 http://activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt http://www.securityfocus.com/bid/72511 http://seclists.org/oss-sec/2015/q1/427 http://secunia.com/advisories/62649 https://exchange.xforce.ibmcloud.com/vulnerabilities/100724 https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777196 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2014-8110

CVE-2014-8110

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect