You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@activemq.apache.org by Christopher Shannon <ch...@gmail.com> on 2016/12/09 15:01:08 UTC

[ANNOUNCE] CVE-2016-6810: ActiveMQ Web Console - Cross-Site Scripting

The following security vulnerability was reported against Apache
ActiveMQ 5.14.1 and older versions.

Please check the following document and see if you’re affected by the issue.

http://activemq.apache.org/security-advisories.data/CVE-2016-6810-announcement.txt

Apache ActiveMQ 5.14.2 has been released with appropriate fixes and is
available for upgrade.