The commit diff shows two changes: 1) In `chat.js`, raw string appends were replaced with `document.createTextNode()` so that the appended data is not interpreted as HTML. 2) In `PortfolioPublishServlet.java`, URL encoding was added for output parameters. Both changes address XSS vectors by applying proper output encoding, which confirms that the original functions lacked sanitization.
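The two output contexts named above, modelled as an added example that is not code from the ActiveMQ commit. It assumes a tiny DOM stand-in so it runs under Node, and the names `FakeElement`, `appendRaw`, `appendAsText`, `publishLink`, `/publish` and `refresh` are hypothetical. The servlet's Java-side URL encoding is represented here by `encodeURIComponent`.

```javascript
// Added example: Node has no DOM, so a small stand-in models browser behaviour.
// All names (FakeElement, appendRaw, appendAsText, publishLink) are hypothetical.

// How the HTML serializer escapes the data of a text node.
function serializeText(data) {
  return data
    .replace(/&/g, "&amp;")
    .replace(/\u00a0/g, "&nbsp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

// Minimal container: children are either markup strings or text nodes.
class FakeElement {
  constructor() { this.children = []; }
  get innerHTML() {
    return this.children
      .map(c => (c.type === "text" ? serializeText(c.data) : c.markup))
      .join("");
  }
}

// "Before": the message is appended as a raw string and parsed as markup.
function appendRaw(el, message) {
  el.children.push({ type: "markup", markup: message });
}

// "After": equivalent of el.appendChild(document.createTextNode(message)).
function appendAsText(el, message) {
  el.children.push({ type: "text", data: message });
}

// URL context: encode a parameter name and value before writing them into a link.
function publishLink(base, name, value) {
  return base + "?" + encodeURIComponent(name) + "=" + encodeURIComponent(value);
}

const sample = "<img src=x onerror=alert(1)>"; // constructed test input
function demo() {
  const before = new FakeElement(), after = new FakeElement();
  appendRaw(before, sample);
  appendAsText(after, sample);
  return {
    before: before.innerHTML, // markup survives unchanged
    after: after.innerHTML,   // markup becomes inert text
    link: publishLink("/publish", "refresh", '"><script>x</script>'),
  };
}
console.log(demo());
```

HTML escaping and URL encoding are not interchangeable: the text-node path protects element content only, while a value written into a URL needs percent-encoding for that context.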
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.apache.activemq:activemq-core | maven | < 5.8.0 | 5.8.0 |