CVE-2017-4965
Several forms in the RabbitMQ management UI are vulnerable to XSS
attacks.
CVE-2017-4966
The RabbitMQ management UI stores signed-in user credentials in a
browser's local storage without expiration, making it possible to
retrieve them using a chained attack.
CVE-2017-4967
Several forms in the RabbitMQ management UI are vulnerable to XSS
attacks.
CVE-2019-11281
The virtual host limits page and the federation management UI do
not properly sanitize user input. A remote authenticated malicious
user with administrative access could craft a cross-site scripting
attack that would gain access to virtual hosts and policy
management information.
CVE-2019-11287
The "X-Reason" HTTP Header can be leveraged to insert a malicious
Erlang format string that will expand and consume the heap,
resulting in the server crashing.
CVE-2021-22116
A malicious user can exploit the vulnerability by sending