VDB
BDU%3A2025-01883
BDU%3A2025-01883
PUBLISHED
CVSS 6.400000095367432 MEDIUM
Уязвимость сценария message.jsp веб-консоли администрирования программной платформы Apache ActiveMQ, позволяющая нарушителю проводить межсайтовые сценарные атаки
Risk Scores
CVSS 2.0
6.400000095367432
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache Software Foundation, Oracle Corp. | ActiveMQ, Oracle Communications Element Manager, Oracle Communications Session Report Manager, Oracle Communications Session Route Manager |
Timeline
- Feb 24, 2025 CVE Published
- Aug 13, 2025 CVE Updated
References
- https://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt url
- https://lists.apache.org/thread/r2ktodl9smh7jl2zmsbnkw569x0yk827 url
- https://lists.apache.org/thread/r369c2x1910wfktf37dtwbbz1fdrb8vx url
- https://lists.apache.org/thread/ltg0pc6w5dc1hxmx3ky0rr23hmkvhlh6 url
- https://www.oracle.com/security-alerts/cpuoct2021.html url
- https://github.com/advisories/GHSA-66gw-ch5v-74v8 url