Back to search
CVE-2011-0533
Published: Feb 17, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta; and Archiva 1.3.0 through 1.3.3 and 1.0 through 1.22 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to the autoIncludeParameters setting for the extremecomponents table.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
70925
vdb-entry
x_refsource_OSVDB
http://svn.apache.org/viewvc?view=revision&revision=1066056
x_refsource_CONFIRM
46311
vdb-entry
x_refsource_BID
43261
third-party-advisory
x_refsource_SECUNIA
http://jira.codehaus.org/browse/CONTINUUM-2604
x_refsource_CONFIRM
[continuum-users] 20110210 [SECURITY] CVE-2011-0533: Apache Continuum cross-site scripting vulnerability
mailing-list
x_refsource_MLIST
ADV-2011-0373
vdb-entry
x_refsource_VUPEN
1025065
vdb-entry
x_refsource_SECTRACK
20110216 [SECURITY] CVE-2011-0533: Apache Archiva cross-site scripting vulnerability
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:12581
vdb-entry
signature
x_refsource_OVAL
8091
third-party-advisory
x_refsource_SREASON
http://svn.apache.org/viewvc?view=revision&revision=1066053
x_refsource_CONFIRM
ADV-2011-0426
vdb-entry
x_refsource_VUPEN
43334
third-party-advisory
x_refsource_SECUNIA
continuum-unspec-xss(65343)
vdb-entry
x_refsource_XF
20110210 [SECURITY] CVE-2011-0533: Apache Continuum cross-site scripting vulnerability
mailing-list
x_refsource_BUGTRAQ
http://continuum.apache.org/security.html
x_refsource_CONFIRM
20110211 [SECURITY] CVE-2011-0533: Apache Continuum cross-site scripting vulnerability
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now