Vulnerability Details CVE-2013-1879
Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.043
EPSS Ranking 88.2%
CVSS Severity
CVSS v2 Score 4.3
References
- http://rhn.redhat.com/errata/RHSA-2013-1029.html
- http://secunia.com/advisories/54073
- http://www.securityfocus.com/bid/61142
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85586
- https://issues.apache.org/jira/browse/AMQ-4397
- http://rhn.redhat.com/errata/RHSA-2013-1029.html
- http://secunia.com/advisories/54073
- http://www.securityfocus.com/bid/61142
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85586
- https://issues.apache.org/jira/browse/AMQ-4397
Products affected by CVE-2013-1879
-
cpe:2.3:a:apache:activemq:-
-
cpe:2.3:a:apache:activemq:4.0
-
cpe:2.3:a:apache:activemq:4.0.1
-
cpe:2.3:a:apache:activemq:4.0.2
-
cpe:2.3:a:apache:activemq:4.1.0
-
cpe:2.3:a:apache:activemq:4.1.1
-
cpe:2.3:a:apache:activemq:4.1.2
-
cpe:2.3:a:apache:activemq:5.0.0
-
cpe:2.3:a:apache:activemq:5.1.0
-
cpe:2.3:a:apache:activemq:5.2.0
-
cpe:2.3:a:apache:activemq:5.3.0
-
cpe:2.3:a:apache:activemq:5.3.1
-
cpe:2.3:a:apache:activemq:5.3.2
-
cpe:2.3:a:apache:activemq:5.4.0
-
cpe:2.3:a:apache:activemq:5.4.1
-
cpe:2.3:a:apache:activemq:5.4.2
-
cpe:2.3:a:apache:activemq:5.4.3
-
cpe:2.3:a:apache:activemq:5.5.0
-
cpe:2.3:a:apache:activemq:5.5.1
-
cpe:2.3:a:apache:activemq:5.6.0
-
cpe:2.3:a:apache:activemq:5.7.0
-
cpe:2.3:a:apache:activemq:5.8.0