Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet in the demo web application in Apache ActiveMQ before 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the refresh parameter to demo/portfolioPublish, a different vulnerability than CVE-2012-6092.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-02-05T18:00:00

Updated: 2024-08-06T15:20:36.416Z

Reserved: 2013-02-19T00:00:00

Link: CVE-2013-1880

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-02-05T18:55:06.253

Modified: 2024-11-21T01:50:34.583

Link: CVE-2013-1880

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-03-21T00:00:00Z

Links: CVE-2013-1880 - Bugzilla