Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 17 Aug 2022 15:42:09 -0500
From: Justin Bertram <>
	Apache Security Team <>,
Subject: CVE-2022-35278: Apache ActiveMQ Artemis: HTML Injection in ActiveMQ
 Artemis Web Console


An attacker could show malicious content and/or redirect users to a
malicious URL in the web console by using HTML in the name of an address or


Upgrade to Apache ActiveMQ Artemis 2.24.0.


Apache ActiveMQ would like to thank Yash Pandya (Digital14), Rajatkumar
Karmarkar (Digital14), and Likhith Cheekatipalle (Digital14) for reporting
this issue.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.