Bug 2109805 (CVE-2022-35278)

Summary: CVE-2022-35278 activemq-artemis: AMQ Broker web console HTML Injection
Product: [Other] Security Response Reporter: Sandipan Roy <saroy>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: aileenc, ataylor, chazlett, dbruscin, gmalinko, janstey, jochrist, jpavlik, jross, jwon, mokumar, pdelbell, rkieley, security-response-team
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A security vulnerability was found in ActiveMQ Artemis. This flaw allows an attacker to show malicious content and redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2022-09-03 13:55:46 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2109811    

Description Sandipan Roy 2022-07-22 07:54:07 UTC 
HTML injection is a type of injection vulnerability that occurs when a user is able to control an input point and is able to inject arbitrary HTML code into a vulnerable web page. This vulnerability can have many consequences, like disclosure of a user’s session cookies that could be used to impersonate the victim, or, more generally, it can allow the attacker to modify the page content seen by the victims.
This vulnerability occurs when user input is not correctly sanitized and the output is not encoded. An injection allows the attacker to send a malicious HTML page to a victim. The targeted browser will not be able to distinguish (trust) legitimate parts from malicious parts of the page, and consequently will parse and execute the whole page in the victim’s context.
Comment 4 errata-xmlrpc 2022-09-01 07:19:08 UTC 
This issue has been addressed in the following products:

  Red Hat AMQ 7.8.7

Via RHSA-2022:6292 https://access.redhat.com/errata/RHSA-2022:6292
Comment 5 Product Security DevOps Team 2022-09-03 13:55:44 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-35278
Comment 6 errata-xmlrpc 2022-10-12 07:57:30 UTC 
This issue has been addressed in the following products:

  AMQ Broker 7.10.1

Via RHSA-2022:6916 https://access.redhat.com/errata/RHSA-2022:6916