Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache ActiveMQ URL请求源码泄露漏洞
Vulnerability Description
ActiveMQ是美国Apache软件基金会所研发的一套开源的消息中间件,它支持Java消息服务、集群、Spring Framework等。 Apache ActiveMQ的Jetty ResourceHandler存在漏洞,远程攻击者可通过 (1) admin/index.jsp, (2) admin/queues.jsp, 或(3) admin/topics.jsp 的URI中以"//"开始的子字符串读取JSP源代码。
CVSS Information
N/A
Vulnerability Type
N/A