CVE-2026-44839
MEDIUM
5.6
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: high
User Interaction: active
Confidentiality: N/A
Integrity: N/A
Availability: N/A
Description
RabbitMQ is a messaging and streaming broker. From 3.7.0 to before 4.1.2 and 4.0.13, This vulnerability is fixed in 4.1.2 and 4.0.13.
CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Incomplete
Common Consequences
Security Scopes Affected:
Confidentiality
Integrity
Availability
Potential Impacts:
Read Application Data
Execute Unauthorized Code Or Commands
Applicable Platforms
Technologies:
Web Based, Web Server
https://github.com/rabbitmq/rabbitmq-server/commit/7f54319279d1ece161ae0b4cdc6f…
https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-fh5r-jpm3-…