CVE-2023-28158

MEDIUM

Apache Archiva 2.0-2.2.9 - Authenticated Stored Cross-Site Scripting via Directory Name Injection

Title source: llm

Description

Privilege escalation via stored XSS using the file upload service to upload malicious content. The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user.

References (2)

Core 2

Core References

Mailing List, Vendor Advisory vendor-advisory

https://lists.apache.org/thread/8pm6d5y9cptznm0bdny3n8voovmm0dtt

Mailing List

http://www.openwall.com/lists/oss-security/2023/04/18/2

Scores

CVSS v3 6.5

EPSS 0.0041

EPSS Percentile 61.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (2)

apache/archiva 2.0 - 2.2.10

org.apache.archiva/archiva 2.0.0 - 2.2.10Maven

Published Mar 29, 2023

Tracked Since Feb 18, 2026