CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

NVD•added 2018/02/09 10:29 p.m.•17 views

CVE-2018-5307

Multiple cross-site scripting XSS vulnerabilities in Sonatype Nexus Repository Manager aka NXRM 2.x before 2.14.6 allow remote attackers to inject arbitrary web script or HTML via 1 the repoId or 2 format parameter to service/siesta/healthcheck/healthCheckFileDetail/.../index.html; 3 the filename...

6.1CVSS6.1AI score0.01223EPSS

Exploits3References3

NVD•added 2018/02/09 10:29 p.m.•28 views

CVE-2018-5306

Multiple cross-site scripting XSS vulnerabilities in Sonatype Nexus Repository Manager aka NXRM 3.x before 3.8 allow remote attackers to inject arbitrary web script or HTML via 1 the repoId or 2 format parameter to service/siesta/healthcheck/healthCheckFileDetail/.../index.html; 3 the filename in...

6.1CVSS6.1AI score0.01116EPSS

Exploits3References3

OSV•added 2018/02/09 10:29 p.m.•27 views

CVE-2018-5306

6.1CVSS6AI score0.01116EPSS

Exploits3References3

Prion•added 2018/02/09 10:29 p.m.•18 views

Cross site scripting

4.3CVSS6AI score0.01223EPSS

Exploits3References3Affected Software1

Prion•added 2018/02/09 10:29 p.m.•23 views

Cross site scripting

4.3CVSS6AI score0.01116EPSS

Exploits3References3Affected Software1

Cvelist•added 2018/02/09 10:0 p.m.•29 views

CVE-2018-5306

6.1AI score0.01116EPSS

Exploits3References3

Cvelist•added 2018/02/09 10:0 p.m.•22 views

CVE-2018-5307

6.1AI score0.01223EPSS

Exploits3References3

CVE•added 2018/02/09 10:0 p.m.•48 views

CVE-2018-5307

Summary: CVE-2018-5307 covers multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus Repository Manager (NXRM) 2.x prior to 2.14.6, with exploitation possible via several parameters/files (repoId, format parameter to healthCheckFileDetail, staging upload filename, username on user ...

6.1CVSS6AI score0.01223EPSS

Exploits3References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by