org.apache.archiva, archiva-common is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper neutralization of input during web page generation, allowing malicious scripts to be injected into web pages. This poses a risk of executing arbitrary code in the context of a user’s browser, potentially leading to unauthorized actions.
CPE | Name | Operator | Version |
---|---|---|---|
archiva base :: common | le | 2.2.10 | |
archiva base :: common | le | 2.2.10 |