Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-23148

CVE-2020-10203 - Cross Site Scripting (XSS)

Details

    • Yes

    Description

      An attacker with elevated privileges can create entities with specially crafted properties which when viewed by another user can execute arbitrary JavaScript in the context of the NXRM application.

      Attachments

        Activity

          People

            Unassigned Unassigned
            dsawa Dawid Sawa
            Michael Prescott Michael Prescott
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              tigCommentSecurity.panel-title