Description
In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.
Remediation
References
https://lists.apache.org/thread/bh6y81wtotg75337bpvxcjy436zfgf3n
https://security.netapp.com/advisory/ntap-20221209-0005/
Related Vulnerabilities
CVE-2020-36184 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2014-6071 Vulnerability in maven package org.fujion.webjars:jquery
CVE-2019-10375 Vulnerability in maven package hudson.plugins.filesystem_scm:filesystem_scm
CVE-2020-2187 Vulnerability in maven package org.jenkins-ci.plugins:ec2
CVE-2022-38666 Vulnerability in maven package io.jenkins.plugins:cavisson-ns-nd-integration