CVE-2022-35278

CVE-2022-35278: HTML Injection in ActiveMQ Artemis Web Console

Vendor Apache Software Foundation
Product Apache ActiveMQ Artemis
Weakness CWE-80 · XSS · basic
Published August 23, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.

Key dates

02Disclosure timeline

August 23, 2022 CVE published
August 3, 2024 Record updated