Description
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page.
Remediation
References
http://archiva.apache.org/security.html
http://www.securitytracker.com/id/1030130
http://www.securityfocus.com/bid/66991
http://www.securityfocus.com/archive/1/531884/100/0/threaded
Related Vulnerabilities
CVE-2016-10518 Vulnerability in npm package ws
CVE-2023-46233 Vulnerability in maven package org.webjars.bower:crypto-js
CVE-2016-1000232 Vulnerability in npm package tough-cookie
CVE-2023-26132 Vulnerability in npm package dottie
CVE-2019-10744 Vulnerability in maven package org.webjars.bower:lodash