Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2023-28158

Privilege escalation via stored XSS using the file upload service to upload malicious content. The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.1%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2023-28158
  • Apache » Archiva » Version: 2.0.0
    cpe:2.3:a:apache:archiva:2.0.0
  • Apache » Archiva » Version: 2.0.1
    cpe:2.3:a:apache:archiva:2.0.1
  • Apache » Archiva » Version: 2.1.0
    cpe:2.3:a:apache:archiva:2.1.0
  • Apache » Archiva » Version: 2.1.1
    cpe:2.3:a:apache:archiva:2.1.1
  • Apache » Archiva » Version: 2.2.0
    cpe:2.3:a:apache:archiva:2.2.0
  • Apache » Archiva » Version: 2.2.1
    cpe:2.3:a:apache:archiva:2.2.1
  • Apache » Archiva » Version: 2.2.2
    cpe:2.3:a:apache:archiva:2.2.2
  • Apache » Archiva » Version: 2.2.3
    cpe:2.3:a:apache:archiva:2.2.3
  • Apache » Archiva » Version: 2.2.4
    cpe:2.3:a:apache:archiva:2.2.4
  • Apache » Archiva » Version: 2.2.5
    cpe:2.3:a:apache:archiva:2.2.5
  • Apache » Archiva » Version: 2.2.6
    cpe:2.3:a:apache:archiva:2.2.6
  • Apache » Archiva » Version: 2.2.7
    cpe:2.3:a:apache:archiva:2.2.7
  • Apache » Archiva » Version: 2.2.8
    cpe:2.3:a:apache:archiva:2.2.8
  • Apache » Archiva » Version: 2.2.9
    cpe:2.3:a:apache:archiva:2.2.9


Products
Pricing
Contact Us

Shodan ® - All rights reserved