Medium severity6.1NVD Advisory· Published Apr 28, 2021· Updated Jun 17, 2026
CVE-2021-29159
CVE-2021-29159
Description
A cross-site scripting (XSS) vulnerability has been discovered in Nexus Repository Manager 3.x before 3.30.1. An attacker with a local account can create entities with crafted properties that, when viewed by an administrator, can execute arbitrary JavaScript in the context of the NXRM application.
Affected products
2- Nexus Repository/Nexus Repository Managerdescription
- Range: <3.30.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.