VDB
KO
MEDIUM 6.1

GHSA-cv6r-h2fm-pvrp

HTML Injection in ActiveMQ Artemis Web Console

Details

In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.

Are you affected?

Enter the version of the package you're using.

Affected packages

Maven / org.apache.activemq:artemis-server
Introduced in: 0 Fixed in: 2.24.0
Fix # pom.xml: bump <version>2.24.0</version> for org.apache.activemq:artemis-server

References