The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request.
0bc2dbf6d87b6049a30cf872cd58cbce1c72539afcf4cc3fcb3c44514b701ed1
Apache ActiveMQ versions 5.11.1 and 5.13.2 suffer from command execution and directory traversal vulnerabilities.
af92593cd167e432ea1a2a76dc455bd4c971961c37ff8849eb0989167654bf38