Apache Archiva Home Page Cross-Site Scripting vulnerability

Summary
This host is installed with Apache Archiva and is prone to cross-site scripting vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. Impact Level: Application
Solution
Upgrade to Apache Archiva 1.3.8, 2.0.1 or later, For updates refer to http://archiva.apache.org/index.cgi
Insight
The flaw exists because the home page does not validate input before returning it to users.
Affected
Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References