Description
A cross-site scripting (XSS) vulnerability has been discovered in Nexus Repository Manager 3.x before 3.30.1. An attacker with a local account can create entities with crafted properties that, when viewed by an administrator, can execute arbitrary JavaScript in the context of the NXRM application.
Remediation
References
Related Vulnerabilities
WordPress Plugin Telugu Bible Verse Daily Cross-Site Request Forgery (1.0)
Apache Tomcat Improper Input Validation Vulnerability (CVE-2013-2185)
MySQL CVE-2019-2589 Vulnerability (CVE-2019-2589)
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2006-20001)
WordPress Plugin WordPress File Upload Multiple Unspecified Vulnerabilities (3.10.0)