VYPR
Medium severity6.1NVD Advisory· Published Apr 28, 2021· Updated Jun 17, 2026

CVE-2021-29159

CVE-2021-29159

Description

A cross-site scripting (XSS) vulnerability has been discovered in Nexus Repository Manager 3.x before 3.30.1. An attacker with a local account can create entities with crafted properties that, when viewed by an administrator, can execute arbitrary JavaScript in the context of the NXRM application.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.