HomePentest-Tools.com Logo

Apache ActiveMQ < 5.9.0 Multiple Cross Site Scripting Vulnerabilities CVE-2013-1879CVE-2013-1880

Not available
CVSSv3 Score
Not available
Vulnerability description

Apache ActiveMQ is prone to multiple cross site scripting vulnerabilities.

Risk description

Multiple flaws exist due to: - an improper validation of the command in a user crontab file upon processing by the scheduled.jsp script - the Portfolio publisher servlet in the demo web application allows remote attackers to inject arbitrary web script or HTML via the refresh parameter to demo/portfolioPublish Successful exploitation will allow attacker to execute arbitrary HTML and script code in a users browser session in the context of an affected site.


Upgrade to version 5.9.0 or later.

Not available
Detectable with
Network Scanner
Scan engine
Exploitable with Sniper
CVE Published
Jul 20, 2013
Detection added at
Software Type
Not available
Not available
Not available