Vulnerabilities > Apache > Activemq > 5.13.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-05 | CVE-2016-0782 | Cross-site Scripting vulnerability in Apache Activemq The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting (XSS) attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a queue. | 5.4 |
| 2016-06-01 | CVE-2016-3088 | Unrestricted Upload of File with Dangerous Type vulnerability in Apache Activemq The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. | 9.8 |
| 2016-04-07 | CVE-2016-0734 | 7PK - Security Features vulnerability in Apache Activemq The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element. | 6.1 |