CVE CyberSecurity Database News

CVE-2022-35278 Before 2.24.0, Artemis could be manipulated with HTML in the name of an address or queue.

Poster -

This issue has been fixed in ActiveMQ Artemis 2.24.0 and later versions. An attacker could now send messages to a specific queue or address in the ActiveMQ Artemis web console. This issue has been fixed in ActiveMQ Artemis 2.24.0 and later versions. An attacker could now send messages to a specific queue or address in the ActiveMQ Artemis web console. An attacker could also redirect a user to a malicious URL in the web console by using HTML in the name of an address or queue. This issue has been fixed in ActiveMQ Artemis 2.24.0 and later versions. An attacker could now send messages to a specific queue or address in the ActiveMQ Artemis web console. This issue has been fixed in ActiveMQ Artemis 2.24.0 and later versions. An attacker could now redirect a user to a malicious URL in the web console by using HTML in the name of an address or queue. This issue has been fixed in ActiveMQ Artemis 2.24.0 and later versions. An attacker could now send messages to a specific queue or address in the ActiveMQ Artemis web console. This issue has been fixed in ActiveMQ Artemis 2.24.0 and later versions. An attacker could now redirect a user to a malicious URL in the web console by using HTML in the name of an address or queue. This issue has been fixed in ActiveMQ Artemis 2.24.0 and later versions. An attacker could now send messages to a specific queue or address in

New feature

An attacker could now send messages to a specific queue or address in the ActiveMQ Artemis web console. This issue has been fixed in ActiveMQ Artemis 2.24.0 and later versions. An attacker could now redirect a user to a malicious URL in the web console by using HTML in the name of an address or queue. This issue has been fixed in ActiveMQ Artemis 2.24.0 and later versions. An attacker could now send messages to a specific queue or address in the ActiveMQ Artemis web console. This issue has been fixed in ActiveMQ Artemis 2.24.0 and later versions. An attacker could also redirect a user to a malicious URL in the web console by using HTML in the name of an address or queue, but these issues have been addressed with this release:
- CVE-2022-35278
- CVE-2022-35047

Timeline

Published on: 08/23/2022 15:15:00 UTC
Last modified on: 08/25/2022 02:07:00 UTC

References