CVE-2023-28158: Apache Archiva privilege escalation
First published: Wed Mar 29 2023(Updated: )
Privilege escalation via stored XSS using the file upload service to upload malicious content. The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user.
Credit: security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Archiva | >=2.0<2.2.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-28158?
CVE-2023-28158 is a vulnerability that allows for privilege escalation through stored cross-site scripting (XSS) using the file upload service to upload malicious content.
Who can exploit CVE-2023-28158?
Only authenticated users with the ability to create directory names can exploit this vulnerability.
How does CVE-2023-28158 work?
Authenticated users can inject XSS content into directory names when using the file upload service, allowing them to gain elevated privileges such as admin user access.
What is the severity of CVE-2023-28158?
The severity of CVE-2023-28158 is medium, with a severity value of 5.4.
How can I mitigate CVE-2023-28158?
To mitigate CVE-2023-28158, ensure that all user-supplied input is properly validated and sanitized when creating directory names for the file upload service.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/title
- agent/description
- agent/author
- agent/event
- agent/first-publish-date
- agent/tags
- agent/source
- vendor/apache
- canonical/apache archiva
- version/apache archiva/2.0