Description
Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2242)
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (8.0.27)
Apache Traffic Server Exposure of Resource to Wrong Sphere Vulnerability (CVE-2018-8040)
Oracle HTTP Server Improper Initialization Vulnerability (CVE-2022-22719)