An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation. Affected versions: ActiveMQ 5.0.0 - 5.14.1 External Reference: http://activemq.apache.org/security-advisories.data/CVE-2016-6810-announcement.txt
Created activemq tracking bugs for this issue: Affects: fedora-all [bug 1404647]
Mitigation: Users are advised to use hawtio as an alternative to the old management console.