Apache: >> Activemq >> 1.1 Security Vulnerabilities
Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.
CVSS Score
5.0
EPSS Score
0.103
Published
2012-01-05
Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action.
CVSS Score
3.5
EPSS Score
0.003
Published
2010-04-05
Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
CVSS Score
6.8
EPSS Score
0.004
Published
2010-04-05