This host is installed with Apache ActiveMQ and is prone to cross site scripting vulnerability.
Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
Upgrade to version 5.9.0 or later, For Updates refer to http://activemq.apache.org
Flaws is due to an improper validation of the command in a user crontab file upon processing by the scheduled.jsp script.
Apache ActiveMQ 5.8.0 and prior
Send a Crafted HTTP POST request and check whether it is able to read the cookie or not.
- Annuaire PHP 'sites_inscription.php' Cross Site Scripting Vulnerability
- Apache Struts2/XWork Remote Command Execution Vulnerability
- Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
- 2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
- 3Com NBX VoIP NetSet Detection