Search CVE reports
21 – 23 of 23 results
Cross-site scripting (XSS) vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled...
1 affected package
rabbitmq-server
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| rabbitmq-server | — | — | — | — | Not affected |
RabbitMQ before 3.4.0 allows remote attackers to bypass the loopback_users restriction via a crafted X-Forwareded-For header.
1 affected package
rabbitmq-server
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| rabbitmq-server | — | — | — | — | — |
Multiple cross-site scripting (XSS) vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) message details when a...
1 affected package
rabbitmq-server
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| rabbitmq-server | — | — | — | — | Not affected |