CVE-2020-1941: Cross-site Scripting

May 14, 2020 (updated July 20, 2021)

In Apache ActiveMQ, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue.

References

activemq.apache.org/security-advisories.data/CVE-2020-1941-announcement.txt
nvd.nist.gov/vuln/detail/CVE-2020-1941

Detect and mitigate CVE-2020-1941 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →