Description
In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised.
Remediation
References
http://archiva.apache.org/security.html#CVE-2019-0213
http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html
http://www.openwall.com/lists/oss-security/2019/04/30/7
http://www.securityfocus.com/bid/108123
https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3%40%3Cusers.archiva.apache.org%3E
https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E
https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97%40%3Cusers.maven.apache.org%3E
https://seclists.org/bugtraq/2019/Apr/47
Related Vulnerabilities
CVE-2021-40146 Vulnerability in maven package org.apache.any23:apache-any23-core
CVE-2017-15686 Vulnerability in maven package org.craftercms:crafter-studio
CVE-2023-25766 Vulnerability in maven package org.jenkins-ci.plugins:azure-credentials
CVE-2022-29252 Vulnerability in maven package org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
CVE-2023-28708 Vulnerability in maven package org.apache.tomcat:tomcat-catalina