Description

In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised.

Remediation

References

http://archiva.apache.org/security.html#CVE-2019-0213

http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html

http://www.openwall.com/lists/oss-security/2019/04/30/7

http://www.securityfocus.com/bid/108123

https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3%40%3Cusers.archiva.apache.org%3E

https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d%40%3Cannounce.apache.org%3E

https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E

https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97%40%3Cusers.maven.apache.org%3E

https://seclists.org/bugtraq/2019/Apr/47

Related Vulnerabilities

CVE-2021-40146 Vulnerability in maven package org.apache.any23:apache-any23-core

CVE-2017-15686 Vulnerability in maven package org.craftercms:crafter-studio

CVE-2023-25766 Vulnerability in maven package org.jenkins-ci.plugins:azure-credentials

CVE-2022-29252 Vulnerability in maven package org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki

CVE-2023-28708 Vulnerability in maven package org.apache.tomcat:tomcat-catalina

Severity

High

Classification

CWE-79 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Vendor Advisory Third Party Advisory VDB Entry Mailing List