Description

In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised.

Remediation

References

http://archiva.apache.org/security.html#CVE-2019-0213

http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html

http://www.openwall.com/lists/oss-security/2019/04/30/7

http://www.securityfocus.com/bid/108123

https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3%40%3Cusers.archiva.apache.org%3E

https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d%40%3Cannounce.apache.org%3E

https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E

https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97%40%3Cusers.maven.apache.org%3E

https://seclists.org/bugtraq/2019/Apr/47

Related Vulnerabilities

CVE-2023-23936 Vulnerability in maven package org.webjars.npm:undici

CVE-2021-4040 Vulnerability in maven package org.apache.activemq:artemis-core-client

CVE-2017-5653 Vulnerability in maven package org.apache.cxf:cxf-rt-rs-security-xml

CVE-2021-31407 Vulnerability in maven package com.vaadin:flow-server

CVE-2011-5062 Vulnerability in maven package org.apache.tomcat:catalina

Severity

High

Classification

CWE-79 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Vendor Advisory Third Party Advisory VDB Entry Mailing List