vendor:
Apache ActiveMQ
by:
5.5
CVSS
MEDIUM
Source Code Disclosure
CWE
Product Name: Apache ActiveMQ
Affected Version From: 5.3.2001
Affected Version To: 5.3.2001
Patch Exists: NO
Related CWE:
CPE: a:apache:activemq:5.3.1
Platforms Tested:
Apache ActiveMQ Source Code Disclosure Vulnerability
The vulnerability allows attackers to access source code by exploiting the lack of proper sanitization of user-supplied input in Apache ActiveMQ. By exploiting this vulnerability, an attacker can retrieve arbitrary files from the vulnerable computer in the context of the webserver process, potentially aiding in further attacks.