HomePentest-Tools.com Logo

Apache Active MQ 5.0.0 to 5.15.5 Authenticated XSS Vulnerability (Windows) CVE-2018-8006

Severity
CVSSv3 Score
6.1
Vulnerability description

Apache ActiveMQ is prone to an authenticated XSS vulnerability.

Risk description

The issue exists due to improper data filtering of the QueueFilter parameter on the queue.jsp page. An authenticated attacker may exploit the vulnerability to inject arbitrary JavaScript code into the page.

Recommendation

Update to version 5.15.6.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 10, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available