Skip to content
Permalink
Browse files
Fix for layout
  • Loading branch information
effrafax committed Jun 19, 2020
1 parent 8426440 commit 4951ebe55f7c27cef3515e5ddbe8599bd76789f0
Showing 1 changed file with 3 additions and 0 deletions.
@@ -160,6 +160,9 @@ <h3><a name="CVE-2020-9495:_Apache_Archiva_login_service_is_vulnerable_to_LDAP_i
<p>Mitigation:</p>
<ul>
<li>Upgrade to <a href="./download.cgi"> Archiva 2.2.5 or higher</a></li>
</ul>
</div>

<div class="section">
<h3><a name="CVE-2019-0213:_Apache_Archiva_XSS_may_be_stored_in_central_UI_configuration"></a><a name="CVE-2019-0213">CVE-2019-0213</a>: Apache Archiva XSS may be stored in central UI configuration</h3>
<p>It may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised. </p>

0 comments on commit 4951ebe

Please sign in to comment.