nexus-repository is vulnerable to cross-site scripting (XSS). A lack of input validation and output sanitization allows a remote attacker to inject arbitrary Javascript into victim’s browser through multiple parameters.
CPE | Name | Operator | Version |
---|---|---|---|
nexus-repository | le | 3.11.0-01 |