Moderate severityNVD Advisory· Published Feb 8, 2021· Updated Aug 4, 2024
CVE-2020-13947
CVE-2020-13947
Description
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.activemq:activemq-parentMaven | >= 5.16.0, < 5.16.1 | 5.16.1 |
org.apache.activemq:activemq-parentMaven | < 5.15.14 | 5.15.14 |
Affected products
3- Apache/ActiveMQdescription
- osv-coords2 versions
< 5.15.14+ 1 more
- (no CPE)range: < 5.15.14
- (no CPE)range: >= 5.16.0, < 5.16.1
Patches
Vulnerability mechanics
References
13- github.com/advisories/GHSA-66gw-ch5v-74v8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-13947ghsaADVISORY
- activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txtghsax_refsource_MISCWEB
- github.com/apache/activemq/commit/177eb71c52069712bcc9fe14c70e079cc2671a80ghsaWEB
- github.com/apache/activemq/compare/activemq-5.16.0...activemq-5.16.1ghsaWEB
- lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66%40%3Ccommits.activemq.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3EghsaWEB
- lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c%40%3Cdev.activemq.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c%40%3Cusers.activemq.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3EghsaWEB
- lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3EghsaWEB
- www.oracle.com/security-alerts/cpuApr2021.htmlghsax_refsource_MISCWEB
- www.oracle.com/security-alerts/cpuoct2021.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.