First published: Mon Jun 11 2018(Updated: )
Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS in multiple areas in the Administration UI.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sonatype Nexus Repository Manager | >=3.3.0<3.12.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Sonatype Nexus Repository Manager is a software application used for managing and organizing software artifacts.
XSS (Cross-Site Scripting) is a type of security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.
The severity of CVE-2018-12100 is medium with a CVSS score of 4.8.
CVE-2018-12100 allows for XSS attacks in multiple areas of the Administration UI in Sonatype Nexus Repository Manager.
To fix CVE-2018-12100, upgrade your Sonatype Nexus Repository Manager to version 3.12.0 or later.