The web-based administration console in Apache ActiveMQ 5.x prior to 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote malicious users to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apache activemq 5.3.0 |
||
apache activemq 5.11.1 |
||
apache activemq 5.8.0 |
||
apache activemq 5.4.3 |
||
apache activemq 5.4.0 |
||
apache activemq 5.5.1 |
||
apache activemq 5.12.0 |
||
apache activemq 5.4.1 |
||
apache activemq 5.13.0 |
||
apache activemq 5.9.0 |
||
apache activemq 5.11.2 |
||
apache activemq 5.11.0 |
||
apache activemq 5.3.1 |
||
apache activemq 5.2.0 |
||
apache activemq 5.7.0 |
||
apache activemq 5.0.0 |
||
apache activemq 5.12.1 |
||
apache activemq 5.10.1 |
||
apache activemq 5.10.0 |
||
apache activemq 5.1.0 |
||
apache activemq 5.5.0 |
||
apache activemq 5.3.2 |
||
apache activemq 5.10.2 |
||
apache activemq 5.9.1 |
||
apache activemq 5.12.2 |
||
apache activemq 5.6.0 |
||
apache activemq 5.4.2 |
Vulmon