Michael Alamoot (lhashashinl)

1 exploit Active since Aug 2021
CVE-2021-37152 NOMISEC MEDIUM WORKING POC
Sonatype Nexus Repository Manager 3.0.0-3.32.0 - Authenticated Stored Cross-Site Scripting via HTML File Upload
Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications.
CVSS 5.4