Skip to content
Permalink
Browse files
Fixing wrong line in security info
  • Loading branch information
effrafax committed Jun 19, 2020
1 parent 9a87f85 commit 842644008ff9f86fd04a979fcc5080a695a2752d
Showing 1 changed file with 1 addition and 2 deletions.
@@ -160,7 +160,6 @@ <h3><a name="CVE-2020-9495:_Apache_Archiva_login_service_is_vulnerable_to_LDAP_i
<p>Mitigation:</p>
<ul>
<li>Upgrade to <a href="./download.cgi"> Archiva 2.2.5 or higher</a></li>
<li>Make sure, that communication between Archiva server and browser is secure by using TLS and only certain users are assigned to admin role.</li></ul></div>
<div class="section">
<h3><a name="CVE-2019-0213:_Apache_Archiva_XSS_may_be_stored_in_central_UI_configuration"></a><a name="CVE-2019-0213">CVE-2019-0213</a>: Apache Archiva XSS may be stored in central UI configuration</h3>
<p>It may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised. </p>
@@ -274,4 +273,4 @@ <h3><a name="CVE-2010-3449:_Apache_Archiva_CSRF_Vulnerability"></a><a name="CVE-
</div>
</footer>
</body>
</html>
</html>

0 comments on commit 8426440

Please sign in to comment.