Cross-Site Scripting Vulnerability in Apache Archiva by Apache

CVE-2013-2187

Summary

A cross-site scripting vulnerability exists in Apache Archiva versions 1.2 through 1.2.2 and versions prior to 1.3.8. This flaw allows remote attackers to inject arbitrary web scripts or HTML through unspecified parameters, primarily affecting the application's home page. If exploited, this vulnerability could enable attackers to manipulate user sessions or redirect users to malicious sites. It is crucial for users of affected versions to apply available patches to mitigate potential risks.

References