Cross-Site Scripting Vulnerability in Nexus Repository Manager by Sonatype
CVE-2021-29159
6.1MEDIUM
What is CVE-2021-29159?
A cross-site scripting (XSS) vulnerability exists in Nexus Repository Manager 3.x versions before 3.30.1. This vulnerability allows attackers with local accounts to manipulate entities by crafting properties that execute arbitrary JavaScript when viewed by an administrator. Such attacks can compromise the security of web applications and expose sensitive information within the NXRM context.