CVE-2022-29405
Apache Archiva Arbitrary user password reset vulnerability
In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8
Affected products
Apache Software Foundation · Apache ArchivaWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →