Description

In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised.

Remediation

References

http://archiva.apache.org/security.html#CVE-2019-0213

http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html

http://www.openwall.com/lists/oss-security/2019/04/30/7

http://www.securityfocus.com/bid/108123

https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3%40%3Cusers.archiva.apache.org%3E

https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d%40%3Cannounce.apache.org%3E

https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E

https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97%40%3Cusers.maven.apache.org%3E

https://seclists.org/bugtraq/2019/Apr/47

Related Vulnerabilities

CVE-2022-24999 Vulnerability in maven package org.webjars:qs

CVE-2022-43402 Vulnerability in maven package org.jenkins-ci.plugins.workflow:workflow-cps

CVE-2021-28161 Vulnerability in npm package @wiptheia/core

CVE-2023-49803 Vulnerability in maven package org.webjars.npm:koa__cors

CVE-2022-36917 Vulnerability in maven package org.jenkins-ci.plugins:google-cloud-backup

Severity

High

Classification

CWE-79 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Vendor Advisory Third Party Advisory VDB Entry Mailing List