Apache: >> Activemq >> 5.1.0 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action.
CVSS Score
3.5
EPSS Score
0.003
Published
2010-04-05
Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
CVSS Score
6.8
EPSS Score
0.004
Published
2010-04-05
Page 5