vulnerability
FreeBSD: activemq -- Web Console Cross-Site Scripting (CVE-2016-0782)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:S/C:N/I:P/A:N) | Mar 10, 2016 | Mar 28, 2016 | Oct 30, 2017 |
Severity
4
CVSS
(AV:N/AC:M/Au:S/C:N/I:P/A:N)
Published
Mar 10, 2016
Added
Mar 28, 2016
Modified
Oct 30, 2017
Description
The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting (XSS) attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a queue.
Solution
freebsd-upgrade-package-activemq
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.