VDB
CVE-2018-8006
CVE-2018-8006
PUBLISHED
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the queue.jsp page of Apache ActiveMQ versions 5.0.0 to 5.15.5. The root cause of this issue is improper data filtering of the QueueFilter parameter.
EPSS 78.49% · 99.1th percentile
Risk Scores
EPSS Score
78.49%
99.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:16.04:LTS | activemq | 0, 5.6.0+dfsg1-4+deb8u1ubuntu1, 5.6.0+dfsg1-5 |
Exploit Intelligence
- CIRCL seen: CVE-2018-8006 (circl-sighting)
- CIRCL seen: CVE-2018-8006 (circl-sighting)
- CIRCL seen: CVE-2018-8006 (circl-sighting)
- CIRCL seen: CVE-2018-8006 (circl-sighting)
- CIRCL seen: CVE-2018-8006 (circl-sighting)
- CIRCL exploited: CVE-2018-8006 (circl-sighting)
- CIRCL seen: CVE-2018-8006 (circl-sighting)
- [activemq-gitbox] 20191021 [GitHub] [activemq-website] clebertsuconic commented on a change in pull request #17: Fix the ordering in the security advisories page (circl)
- 105156 (circl)
- [activemq-commits] 20210208 [activemq-website] branch master updated: Publish CVE-2020-13947 (circl)
…and 14 more exploits
Timeline
- Oct 10, 2018 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- May 13, 2023 EPSS Score
- Jul 15, 2023 EPSS Score
- Nov 8, 2023 EPSS Score
- Jan 18, 2024 EPSS Score
References
- https://ubuntu.com/security/CVE-2018-8006 third-party-advisory
- https://issues.apache.org/jira/browse/AMQ-6954 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2018-8006 third-party-advisory