SecurityWeek

RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years

RCE vulnerability in Apache ActiveMQ Classic that remained unnoticed for 13 years can be exploited via an Jolokia API.
Threat Post

Cross-Site Scripting Flaw in Apache ActiveMQ Threatens Web Visitors

With the malicious code embedded into websites, the attacker can then piggyback on the trust level of the website and launch a variety of attacks. Researchers have found a cross-site scripting (XSS) ...
CSOonline

Patched Apache ActiveMQ bug abused to drop Godzilla web shells

The attack methods being used to abuse the bug can successfully circumvent security measures, evading detection by security endpoints during scanning. A patched critical remote code execution (RCE) ...
Bleeping Computer

3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online

Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution (RCE) vulnerability. Apache ActiveMQ is a scalable open-source ...