The administration web console in Apache ActiveMQ 5.x prior to 5.11.4, 5.12.x prior to 5.12.3, and 5.13.x prior to 5.13.2 allows remote authenticated users to conduct cross-site scripting (XSS) attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a queue.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apache activemq 5.3.0 |
||
apache activemq 5.11.1 |
||
apache activemq 5.8.0 |
||
apache activemq 5.4.3 |
||
apache activemq 5.4.0 |
||
apache activemq 5.5.1 |
||
apache activemq 5.12.0 |
||
apache activemq 5.4.1 |
||
apache activemq 5.13.0 |
||
apache activemq 5.9.0 |
||
apache activemq 5.11.2 |
||
apache activemq 5.11.0 |
||
apache activemq 5.11.3 |
||
apache activemq 5.3.1 |
||
apache activemq 5.13.1 |
||
apache activemq 5.2.0 |
||
apache activemq 5.7.0 |
||
apache activemq 5.12.1 |
||
apache activemq 5.10.1 |
||
apache activemq 5.10.0 |
||
apache activemq 5.1.0 |
||
apache activemq 5.5.0 |
||
apache activemq 5.3.2 |
||
apache activemq 5.10.2 |
||
apache activemq 5.9.1 |
||
apache activemq 5.12.2 |
||
apache activemq 5.6.0 |
||
apache activemq 5.4.2 |
Vulmon