Vulnerabilities > Redhat > Jboss A MQ > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-01 | CVE-2021-3425 | Information Exposure Through Log Files vulnerability in Redhat Jboss A-Mq 7 A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. | 2.1 |
| 2021-05-20 | CVE-2021-3536 | Cross-site Scripting vulnerability in Redhat products A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. | 3.5 |
| 2019-08-01 | CVE-2015-7559 | Improper Input Validation vulnerability in multiple products It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. | 2.7 |
| 2017-09-25 | CVE-2015-5181 | Cross-site Scripting vulnerability in Redhat Jboss A-Mq The JBoss console in A-MQ allows remote attackers to execute arbitrary JavaScript. | 3.5 |
| 2014-04-17 | CVE-2014-0085 | Credentials Management vulnerability in Redhat Jboss A-Mq and Jboss Fuse JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. | 2.1 |