Description

Sonatype Nexus Repository Manager 3.x before 3.30.1 allows a remote attacker to get a list of files and directories that exist in a UI-related folder via directory traversal (no customer-specific data is exposed).

Remediation

References

CVE-2021-30635

Related Vulnerabilities

WordPress Plugin Easy Digital Downloads Attach Accounts to Orders Cross-Site Scripting (2.0.1)

PHP Other Vulnerability (CVE-2007-1835)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1999006)

WordPress Plugin Booking Calendar Contact Form Multiple Vulnerabilities (1.0.23)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Arbitrary File Upload (1.0.83)

Severity

Medium

Classification

CVE-2021-30635 CWE-22

Tags

Missing Update Known Vulnerabilities