In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation.
References
Configurations
History
21 Nov 2024, 02:56
Type | Values Removed | Values Added |
---|---|---|
References | () http://activemq.apache.org/security-advisories.data/CVE-2016-6810-announcement.txt - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/94882 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1037475 - Third Party Advisory, VDB Entry | |
References | () https://lists.apache.org/thread.html/924a3a27fad192d711436421e02977ff90d9fc0f298e1efe6757cfbc%40%3Cusers.activemq.apache.org%3E - | |
References | () https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E - |
07 Nov 2023, 02:34
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2018-01-10 15:29
Updated : 2024-11-21 02:56
NVD link : CVE-2016-6810
Mitre link : CVE-2016-6810
CVE.ORG link : CVE-2016-6810
JSON object : View
Products Affected
apache
- activemq
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')