Cross-Site Scripting Vulnerability in RabbitMQ Management UI by Pivotal
CVE-2017-4967
6.1MEDIUM
What is CVE-2017-4967?
A vulnerability found in specific versions of Pivotal RabbitMQ exposes the management UI to potential Cross-Site Scripting attacks. This occurs due to several vulnerable forms present in the interface, which can be exploited by an attacker to execute malicious scripts in the context of the user's browser. Users of RabbitMQ versions 3.4.x, 3.5.x, 3.6.x (prior to 3.6.9), and certain versions of RabbitMQ for PCF should prioritize updating their systems to mitigate the risk associated with this vulnerability.
Affected Version(s)
Pivotal RabbitMQ Pivotal RabbitMQ
