CVE-2016-6810: ActiveMQ Web Console - Cross-Site Scripting Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache ActiveMQ 5.0.0 - 5.14.1 Description: An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation. Mitigation: Upgrade to Apache ActiveMQ 5.14.2 Credit: This issue was discovered by Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. and was reported by JPCERT/CC.