Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications.
CPE | Name | Operator | Version |
---|---|---|---|
nexus_repository_manager | ge | 3.0.0 | |
nexus_repository_manager | lt | 3.33.0 |