Description
Multiple cross-site scripting (XSS) vulnerabilities in the web based administration console in Apache ActiveMQ 5.x before 5.10.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
http://activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt
http://seclists.org/oss-sec/2015/q1/427
http://secunia.com/advisories/62649
http://www.securityfocus.com/bid/72511
https://exchange.xforce.ibmcloud.com/vulnerabilities/100724
https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
Related Vulnerabilities
CVE-2018-6341 Vulnerability in maven package org.webjars:vue
CVE-2022-24858 Vulnerability in npm package next-auth
CVE-2023-40343 Vulnerability in maven package io.jenkins.plugins:tuleap-oauth
CVE-2017-1000403 Vulnerability in maven package org.jvnet.hudson.plugins:speaks
CVE-2012-4529 Vulnerability in maven package org.jboss.as:jboss-as-web