CVE-2023-28158

Privilege escalation via stored XSS using the file upload service to upload malicious content. The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user.

Published: Mar 29, 2023
Updated: May 4, 2025
CVE: CVE-2023-28158
GHSA: GHSA-qf34-f43r-gv9p
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
apache / archiva	2.0	2.2.10
org.apache.archiva / archiva	2.0.0	2.2.10

http://www.openwall.com/lists/oss-security/2023/04/18/2
https://github.com/apache/archiva/commit/d62e81c7e75f617cf01d2a75952a2c857758f8c4
https://github.com/apache/archiva/commit/e7f7e70992d361d8b7a3298ddcdf49dda2fdc842
https://github.com/apache/archiva/commit/ee3ee0a18977b67b6997ea8cd023816201059f96
https://github.com/apache/archiva/releases/tag/archiva-2.2.10
https://lists.apache.org/thread/8pm6d5y9cptznm0bdny3n8voovmm0dtt

Vulnerability Database

289,784

CVE-2023-28158