The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Activemq | Apache | 5.3.0 | 5.3.0 |
Activemq | Apache | 5.11.1 | 5.11.1 |
Activemq | Apache | 5.8.0 | 5.8.0 |
Activemq | Apache | 5.4.3 | 5.4.3 |
Activemq | Apache | 5.4.0 | 5.4.0 |
Activemq | Apache | 5.5.1 | 5.5.1 |
Activemq | Apache | 5.12.0 | 5.12.0 |
Activemq | Apache | 5.4.1 | 5.4.1 |
Activemq | Apache | 5.13.0 | 5.13.0 |
Activemq | Apache | 5.9.0 | 5.9.0 |
Activemq | Apache | 5.11.2 | 5.11.2 |
Activemq | Apache | 5.11.0 | 5.11.0 |
Activemq | Apache | 5.3.1 | 5.3.1 |
Activemq | Apache | 5.2.0 | 5.2.0 |
Activemq | Apache | 5.7.0 | 5.7.0 |
Activemq | Apache | 5.0.0 | 5.0.0 |
Activemq | Apache | 5.12.1 | 5.12.1 |
Activemq | Apache | 5.10.1 | 5.10.1 |
Activemq | Apache | 5.10.0 | 5.10.0 |
Activemq | Apache | 5.1.0 | 5.1.0 |
Activemq | Apache | 5.5.0 | 5.5.0 |
Activemq | Apache | 5.3.2 | 5.3.2 |
Activemq | Apache | 5.10.2 | 5.10.2 |
Activemq | Apache | 5.9.1 | 5.9.1 |
Activemq | Apache | 5.12.2 | 5.12.2 |
Activemq | Apache | 5.6.0 | 5.6.0 |
Activemq | Apache | 5.4.2 | 5.4.2 |