Apache Activemq vulnerabilities

CVE-2010-1244 [MEDIUM] CWE-352 CVE-2010-1244: Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ befor Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.

CVE-2010-0684 [LOW] CWE-79 CVE-2010-0684: Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action.