Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:13
Type | Values Removed | Values Added |
---|---|---|
References | () http://activemq.apache.org/activemq-531-release.html - Patch | |
References | () http://secunia.com/advisories/39223 - Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/57398 - | |
References | () https://issues.apache.org/activemq/browse/AMQ-2613 - Exploit | |
References | () https://issues.apache.org/activemq/browse/AMQ-2625 - Exploit |
Information
Published : 2010-04-05 16:30
Updated : 2024-11-21 01:13
NVD link : CVE-2010-1244
Mitre link : CVE-2010-1244
CVE.ORG link : CVE-2010-1244
JSON object : View
Products Affected
apache
- activemq
CWE
CWE-352
Cross-Site Request Forgery (CSRF)