CVE-2012-6092 is a vulnerability in Apache ActiveMQ
Published on April 21, 2013

Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2) debug logs or (3) subscribe messages in webapp/websocket/chat.js. NOTE: AMQ-4124 is covered by CVE-2012-6551.

Vendor Advisory NVD

Products Associated with CVE-2012-6092

Want to know whenever a new CVE is published for Apache ActiveMQ? stack.watch will email you.

Apache ActiveMQ

Exploit Probability

EPSS

2.58%

Percentile

85.32%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2012-6092 is a vulnerability in Apache ActiveMQPublished on April 21, 2013

Products Associated with CVE-2012-6092

Exploit Probability

CVE-2012-6092 is a vulnerability in Apache ActiveMQ
Published on April 21, 2013