CVE-2019-0213 is a vulnerability in Apache Archiva
Published on April 30, 2019
In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised.
Products Associated with CVE-2019-0213
Want to know whenever a new CVE is published for Apache Archiva? stack.watch will email you.
Affected Versions
Apache Archiva Version All versions prior to version 2.2.4 is affected by CVE-2019-0213Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.