In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/bh6y81wtotg75337bpvxcjy436zfgf3n | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20221209-0005/ | Third Party Advisory |
Configurations
History
13 Dec 2022, 01:59
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:* cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:* |
|
References |
|
25 Aug 2022, 02:07
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:apache:activemq_artemis:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
CWE | CWE-79 | |
References | (MISC) https://lists.apache.org/thread/bh6y81wtotg75337bpvxcjy436zfgf3n - Mailing List, Third Party Advisory |
23 Aug 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-23 15:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-35278
Mitre link : CVE-2022-35278
CVE.ORG link : CVE-2022-35278
JSON object : View
Products Affected
netapp
- oncommand_workflow_automation
- active_iq_unified_manager
apache
- activemq_artemis