CVE-2018-12100

Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS in multiple areas in the Administration UI.

Published : 2018-06-11 11:29 Updated : 2019-03-18 15:21

3.5
CVSS Score More info
Score 3.5 / 10
3.5

CPE

There is no CPE for this CVE.

CWE

ID Name Description Links
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. CVE

History of changes

Date Event
2019-03-18 15:21
2019-03-15 20:29
2018-08-01 12:06
2018-06-12 01:29
2018-06-11 11:29

New CVE