CVE-2016-6810
published 2018-01-10CVE-2016-6810: In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console…
medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | activemq | >= 0 < 5.14.2+dfsg-1 | 5.14.2+dfsg-1 |
| apache | activemq | >= 0 < 5.14.2+dfsg-1 | 5.14.2+dfsg-1 |
| apache | activemq | >= 0 < 5.14.2+dfsg-1 | 5.14.2+dfsg-1 |
| apache | activemq | >= 5.0.0 < 5.14.2 | 5.14.2 |
| apache_software_foundation | apache_activemq | — | — |
| debian | activemq | < activemq 5.14.2+dfsg-1 (bookworm) | activemq 5.14.2+dfsg-1 (bookworm) |
CVSS provenance
nvdv3.06.1MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
osv6.1MEDIUM