Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-23148

CVE-2020-10203 - Cross Site Scripting (XSS)

    XMLWordPrintable

    Details

    • Release Note:
      Yes

      Description

      An attacker with elevated privileges can create entities with specially crafted properties which when viewed by another user can execute arbitrary JavaScript in the context of the NXRM application.

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            dsawa Dawid Sawa
            Last Updated By:
            Wes Wannemacher
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                tigCommentSecurity.panel-title

                  PagerDuty