org.apache.activemq:activemq-web-console (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.apache.activemq:activemq-web-console, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2018-8006 — CVSS 6.1 (medium): An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the queue.jsp…
CVE-2020-1941 — CVSS 6.1 (medium): In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue.
CVE-2010-1587 — CVSS 5.0 (medium): The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a…