CVE-2011-0533

N/A Unknown

Published: February 17, 2011 Modified: April 29, 2026

Description

Cross-site scripting (XSS) vulnerability in Apache Continuum 1.1 through 1.2.3.1, 1.3.6, and 1.4.0 Beta; and Archiva 1.3.0 through 1.3.3 and 1.0 through 1.22 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to the autoIncludeParameters setting for the extremecomponents table.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://continuum.apache.org/security.html

Source: secalert@redhat.com

http://jira.codehaus.org/browse/CONTINUUM-2604

Source: secalert@redhat.com

http://mail-archives.apache.org/mod_mbox/continuum-users/201102.mbox/%3C981C0A79-5B7B-4053-84CC-3217870BE360%40apache.org%3E

Source: secalert@redhat.com

http://osvdb.org/70925

Source: secalert@redhat.com

http://seclists.org/fulldisclosure/2011/Feb/236

Source: secalert@redhat.com

Patch

http://secunia.com/advisories/43261

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/43334

Source: secalert@redhat.com

Vendor Advisory

http://securityreason.com/securityalert/8091

Source: secalert@redhat.com

http://securitytracker.com/id?1025065

Source: secalert@redhat.com

http://svn.apache.org/viewvc?view=revision&revision=1066053

Source: secalert@redhat.com

Patch

http://svn.apache.org/viewvc?view=revision&revision=1066056

Source: secalert@redhat.com

Patch

http://www.securityfocus.com/archive/1/516342/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/516474/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/bid/46311

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2011/0373

Source: secalert@redhat.com

Vendor Advisory

http://www.vupen.com/english/advisories/2011/0426

Source: secalert@redhat.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/65343

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12581

Source: secalert@redhat.com

http://continuum.apache.org/security.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://jira.codehaus.org/browse/CONTINUUM-2604

Source: af854a3a-2127-422b-91ae-364da2661108

http://mail-archives.apache.org/mod_mbox/continuum-users/201102.mbox/%3C981C0A79-5B7B-4053-84CC-3217870BE360%40apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/70925

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/fulldisclosure/2011/Feb/236

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://secunia.com/advisories/43261

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/43334

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/8091

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1025065

Source: af854a3a-2127-422b-91ae-364da2661108

http://svn.apache.org/viewvc?view=revision&revision=1066053

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://svn.apache.org/viewvc?view=revision&revision=1066056

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securityfocus.com/archive/1/516342/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/516474/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/46311

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2011/0373

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2011/0426

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/65343

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12581

Source: af854a3a-2127-422b-91ae-364da2661108

36 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

4.2%

90th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-79

Affected Vendors

apache

Related CVEs

CVE-2026-40941 N/A

CVE-2026-40084 6.5

CVE-2026-40083 7.2

CVE-2026-40082 5.4

CVE-2026-40080 6.1