Description
Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
Remediation
References
http://secunia.com/advisories/39223
http://activemq.apache.org/activemq-531-release.html
https://issues.apache.org/activemq/browse/AMQ-2625
https://issues.apache.org/activemq/browse/AMQ-2613
https://exchange.xforce.ibmcloud.com/vulnerabilities/57398
Related Vulnerabilities
CVE-2020-2131 Vulnerability in maven package org.jenkins-ci.plugins:harvest
CVE-2017-7677 Vulnerability in maven package org.apache.ranger:ranger-hive-utils
CVE-2023-28935 Vulnerability in maven package org.apache.uima:uima-ducc-parent
CVE-2019-1003093 Vulnerability in maven package org.jenkins-ci.plugins:nomad
CVE-2010-2245 Vulnerability in maven package org.apache.wink:wink-server