Apache · Apache Archiva · CVE-2024-27139
**Name of the Vulnerable Software and Affected Versions**
Apache Archiva versions 2.0.0 and later
**Description**
Apache Archiva contains an Incorrect Authorization vulnerability that allows an unauthenticated attacker to modify account data, potentially leading to account takeover. A remote attacker can exploit it to gain access to a user's account.
**Recommendations**
As the project is retired and no fix will be released, users are recommended to find an alternative to Apache Archiva.
Restrict access to the instance to trusted users to minimize the risk of exploitation.