
Apache Archiva 2.x < 2.2.10 Privilege Escalation Vulnerability CVE-2023-28158

Severity
CVSSv3 Score: 5.4
Vulnerability description

Apache Archiva is prone to a privilege escalation vulnerability.

Risk description

Privilege escalation via stored XSS, using the file upload service to upload malicious content. The issue can be exploited only by authenticated users who can create a directory name that injects XSS content and thereby gain privileges such as those of the admin user.

Recommendation

Upgrade to version 2.2.10 or later.

Codename: Not available
Detectable with: Network Scanner
Scan engine: OpenVAS
Exploitable with Sniper: No
CVE Published: Mar 29, 2023
Detection added at:
Software Type: Not available
Vendor: Not available
Product: Not available