CVE-2020-14319

Name of the Vulnerable Software and Affected Versions AMQ Online versions prior to 1.5.2 Enmasse versions 0.31.0-rc1 through 0.32.2

Description A Cross-Site Request Forgery (CSRF) issue was discovered, which can be exploited when preflight checks are not performed or are bypassed. This can affect authorized users using older browsers with Adobe Flash when targeted by an attacker.

Recommendations For AMQ Online versions prior to 1.5.2, update to version 1.5.2 or later to resolve the issue. For Enmasse versions 0.31.0-rc1 through 0.32.2, update to version 0.32.2 or later to resolve the issue. As a temporary workaround, consider disabling Adobe Flash in older browsers to minimize the risk of exploitation.