Test ID:	1.3.6.1.4.1.25623.1.0.149477
Category:	Privilege escalation
Title:	Apache Archiva 2.x < 2.2.10 Privilege Escalation Vulnerability
Summary:	Apache Archiva is prone to a privilege escalation; vulnerability.
Description:	Summary: Apache Archiva is prone to a privilege escalation vulnerability. Vulnerability Insight: Privilege escalation via stored XSS using the file upload service to upload malicious content. The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user. Affected Software/OS: Apache Archiva version 2.x through 2.2.9. Solution: Upgrade to version 2.2.10 or later. CVSS Score: 5.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-28158 https://lists.apache.org/thread/8pm6d5y9cptznm0bdny3n8voovmm0dtt http://www.openwall.com/lists/oss-security/2023/04/18/2
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.