Lucene search
Veracode Vulnerability DatabaseVERACODE:45737HistoryMar 04, 2024 - 4:50 a.m.
Cross Site Scripting(XSS)
2024-03-0404:50:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
cross site scripting
input neutralization
web page generation
malicious scripts
arbitrary code
unauthorized actions
software vulnerability
org.apache.archiva, archiva-common is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to improper neutralization of input during web page generation, allowing malicious scripts to be injected into web pages. This poses a risk of executing arbitrary code in the context of a user’s browser, potentially leading to unauthorized actions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| archiva base :: common | le | 2.2.10 | |
| archiva base :: common | le | 2.2.10 |
Related
osv
osv
Apache Archiva Reflected Cross-site Scripting vulnerability
2024-03-01 18:30:23
cve
cve
CVE-2024-27140
2024-03-01 16:15:46
github
github
Apache Archiva Reflected Cross-site Scripting vulnerability
2024-03-01 18:30:23
nvd
nvd
CVE-2024-27140
2024-03-01 16:15:46
prion
prion
Cross site scripting
2024-03-01 16:15:00
cvelist
cvelist
CVE-2024-27140 Apache Archiva: reflected XSS
2024-03-01 15:40:08