Cross-Site Scripting (XSS) Vulnerability in RabbitMQ Management UI

Cross-Site Scripting (XSS) Vulnerability in RabbitMQ Management UI

CVE-2017-4965 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. Several forms in the RabbitMQ management UI are vulnerable to XSS attacks.

Learn more about our Web Application Penetration Testing UK.