Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-23148

CVE-2020-10203 - Cross Site Scripting (XSS)

    Details

    • Release Note:
      Yes

      Description

      An attacker with elevated privileges can create entities with specially crafted properties which when viewed by another user can execute arbitrary JavaScript in the context of the NXRM application.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            dsawa Dawid Sawa
            Last Updated By:
            Michael Prescott Michael Prescott
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                tigCommentSecurity.panel-title