Date: Fri, 9 Dec 2016 10:01:08 -0500 From: Christopher Shannon <christopher.l.shannon@...il.com> To: dev@...ivemq.apache.org, users@...ivemq.apache.org, oss-security@...ts.openwall.com, bugtraq@...urityfocus.com Subject: [ANNOUNCE] CVE-2016-6810: ActiveMQ Web Console - Cross-Site Scripting The following security vulnerability was reported against Apache ActiveMQ 5.14.1 and older versions. Please check the following document and see if you’re affected by the issue. http://activemq.apache.org/security-advisories.data/CVE-2016-6810-announcement.txt Apache ActiveMQ 5.14.2 has been released with appropriate fixes and is available for upgrade.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ