Apache ActiveMQ 'QueueFilter' Parameter Cross Site Scripting Vulnerability

Bugtraq ID: 105156
Class: Input Validation Error
CVE: CVE-2018-8006
Remote: Yes
Local: No
Published: Aug 24 2018 12:00AM
Updated: Aug 24 2018 12:00AM
Credit: Bruno Oliveira of Trustwave.
Vulnerable: Apache ActiveMQ 5.15.3
Apache ActiveMQ 5.15
Apache ActiveMQ 5.14.5
Apache ActiveMQ 5.14.2
Apache ActiveMQ 5.14.1
Apache ActiveMQ 5.6
Apache ActiveMQ 5.5
Apache ActiveMQ 5.9.1
Apache ActiveMQ 5.5.1
Apache ActiveMQ 5.4.3
Apache ActiveMQ 5.4.2
Apache ActiveMQ 5.4.1
Apache ActiveMQ 5.4.0
Apache ActiveMQ 5.3.2
Apache ActiveMQ 5.1.0
Not Vulnerable: Apache ActiveMQ 5.16
Apache ActiveMQ 5.15.5


 

Privacy Statement
Copyright 2010, SecurityFocus