CVE-2011-0533
17.02.2011, 18:00
Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta; and Archiva 1.3.0 through 1.3.3 and 1.0 through 1.22 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to the autoIncludeParameters setting for the extremecomponents table.
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
apache | continuum | 1.1 |
apache | continuum | 1.2 |
apache | continuum | 1.2.2 |
apache | continuum | 1.2.3 |
apache | continuum | 1.2.3.1 |
apache | continuum | 1.3.6 |
apache | continuum | 1.4.0 |
apache | archiva | 1.0 |
apache | archiva | 1.0.1 |
apache | archiva | 1.0.2 |
apache | archiva | 1.0.3 |
apache | archiva | 1.1 |
apache | archiva | 1.1.1 |
apache | archiva | 1.1.2 |
apache | archiva | 1.1.3 |
apache | archiva | 1.1.4 |
apache | archiva | 1.2 |
apache | archiva | 1.2.1 |
apache | archiva | 1.2.2 |
apache | archiva | 1.3 |
apache | archiva | 1.3.1 |
apache | archiva | 1.3.2 |
apache | archiva | 1.3.3 |
𝑥
= Vulnerable software versions
References