2 matches found
CVE-2018-5306
Multiple cross-site scripting XSS vulnerabilities in Sonatype Nexus Repository Manager aka NXRM 3.x before 3.8 allow remote attackers to inject arbitrary web script or HTML via 1 the repoId or 2 format parameter to service/siesta/healthcheck/healthCheckFileDetail/.../index.html; 3 the filename in...
Sonatype Nexus Repository Manager OSS/Pro 2.14.5 / 3.7.1 XSS
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Cross-Site Scripting Vulnerabilities product: Sonatype Nexus Repository Manager OSS/Pro vulnerable version: =2.14.5, =3.7.1 fixed version: 2.14.6, 3.8.0 CVE...