Apache ActiveMQ unserializes objects received using the STOMP protocol with the XStream library. This leads to remote code execution due to unsafe deserialization. This module writes and executes an agent in vulnerable systems. Privileges obtained will be those of the user running the ActiveMQ server.
CVE Link
Product Name