output/security-advisories.data/CVE-2020-13947-announcement.txt - activemq-website - Git at Google

 CVE-2020-13947 - XSS in WebConsole

 Severity: Medium

 Vendor:
 The Apache Software Foundation

 Versions Affected:
 Apache ActiveMQ prior to 5.15.14 and 5.16.1

 Description:
 An instance of a cross-site scripting
 vulnerability was identified to be present in the web based
 administration console on the message.jsp page of Apache ActiveMQ
 versions prior to 5.15.14 and 5.16.1.

 Mitigation:
 Upgrade to at least Apache ActiveMQ 5.15.14 or 5.16.1

 Credit:
 This issue was discovery by:

 * qiang qiang <silbul2017@gmail.com>
	CVE-2020-13947 - XSS in WebConsole

	Severity: Medium

	Vendor:
	The Apache Software Foundation

	Versions Affected:
	Apache ActiveMQ prior to 5.15.14 and 5.16.1

	Description:
	An instance of a cross-site scripting
	vulnerability was identified to be present in the web based
	administration console on the message.jsp page of Apache ActiveMQ
	versions prior to 5.15.14 and 5.16.1.

	Mitigation:
	Upgrade to at least Apache ActiveMQ 5.15.14 or 5.16.1

	Credit:
	This issue was discovery by:

	* qiang qiang <silbul2017@gmail.com>