2 matches found
Apache Archiva 2.2.3 Cross Site Scripting / File Write / Delete Vulnerabilities
Exploit for multiple platform in category web applications CVE-2019-0213: Apache Archiva Stored XSS Severity: Low Vendor: The Apache Software Foundation Versions Affected: Apache Archiva 2.0.0 - 2.2.3 The unsupported versions 1.x are also affected. It may be possible to store malicious XSS code...
CVE-2019-0213
CVE-2019-0213 (Apache Archiva) affects Archiva versions prior to 2.2.4. The issue is a stored XSS vulnerability in central configuration entries (e.g., the logo URL) where an attacker with administrative access could inject JavaScript that would execute in a victim’s browser. The risk is describe...