CVE-2013-2187

Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:archiva:1.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:archiva:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:archiva:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:archiva:1.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:archiva:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:archiva:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:archiva:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:archiva:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:archiva:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:archiva:1.3.6:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-04-22 14:23

Updated : 2024-02-04 18:35


NVD link : CVE-2013-2187

Mitre link : CVE-2013-2187

CVE.ORG link : CVE-2013-2187


JSON object : View

Products Affected

apache

  • archiva
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')