Apache ActiveMQ is prone to source code disclosure vulnerability.
-----------------------------------------------------------------
Key: AMQ-2700
URL: https://issues.apache.org/activemq/browse/AMQ-2700
Project: ActiveMQ
Issue Type: Bug
Affects Versions: 5.3.1
Environment: Linux/Windows environment
Reporter: veerendra
An input validation error is present in Apache ActiveMQ. Adding '//' after the
port in an URL causes it to disclose the JSP page source.
This has been tested on various admin pages,
admin/index.jsp, admin/queues.jsp, admin/topics.jsp etc.
NOTE : Refer attached file for complete information/advisory.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
