An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0.
References
Configurations
History
07 Nov 2023, 03:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
03 Dec 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:* |
|
References | (MISC) https://www.oracle.com/security-alerts/cpuApr2021.html - Not Applicable, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory |
20 Oct 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Jun 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Feb 2021, 14:48
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* | |
CWE | CWE-79 | |
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.1 |
References | (MISC) http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt - Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E - Mailing List, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E - Mailing List, Vendor Advisory |
11 Feb 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Feb 2021, 22:19
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-02-08 22:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-13947
Mitre link : CVE-2020-13947
CVE.ORG link : CVE-2020-13947
JSON object : View
Products Affected
oracle
- communications_session_route_manager
- communications_session_report_manager
apache
- activemq
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')