CVE-2022-35278: Apache ActiveMQ Artemis: HTML Injection in ActiveMQ Artemis Web Console

2022-08-17 Thread Justin Bertram
Description: An attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue. Mitigation: Upgrade to Apache ActiveMQ Artemis 2.24.0. Credit: Apache ActiveMQ would like to thank Yash Pandya (Digital14), Rajatk

R: Artemis security plugin looks like not intercepting MQTT LWT messages

2022-08-17 Thread Modanese, Riccardo
Great! Thanks! From: Justin Bertram Date: Wednesday, 17 August 2022 18:46 To: users@activemq.apache.org Subject: Re: Artemis security plugin looks like not intercepting MQTT LWT messages Just to follow up... I created ARTEMIS-3942 [1] for this and sent a PR [2]. Justin [1] https://issues.apach

Re: Artemis security plugin looks like not intercepting MQTT LWT messages

2022-08-17 Thread Justin Bertram
Just to follow up... I created ARTEMIS-3942 [1] for this and sent a PR [2]. Justin [1] https://issues.apache.org/jira/browse/ARTEMIS-3942 [2] https://github.com/apache/activemq-artemis/pull/4180 On Tue, Aug 16, 2022 at 2:07 PM Justin Bertram wrote: > Your observation is correct. Currently MQ