CVE-2020-13947 - XSS in WebConsole Severity: Medium Vendor: The Apache Software Foundation Versions Affected: Apache ActiveMQ prior to 5.15.14 and 5.16.1 Description: An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions prior to 5.15.14 and 5.16.1. Mitigation: Upgrade to at least Apache ActiveMQ 5.15.14 or 5.16.1 Credit: This issue was discovery by: * qiang qiang