Description
A cross-site scripting (XSS) vulnerability has been discovered in Nexus Repository Manager 3.x before 3.30.1. An attacker with a local account can create entities with crafted properties that, when viewed by an administrator, can execute arbitrary JavaScript in the context of the NXRM application.
Remediation
References
Related Vulnerabilities
Django Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-23833)
WordPress Plugin WP Easy Poll Multiple Vulnerabilities (1.1.3)
WordPress Plugin WP Academic People List Cross-Site Scripting (0.4.1)
WordPress Plugin Vertical SlideShow Arbitrary File Upload (2.3)
WordPress Plugin WP Google Review Slider Cross-Site Scripting (11.5)