CVE-2021-37152
Description
Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authenticated XSS in Sonatype Nexus Repository Manager 3 before 3.33.0 allows attackers to inject malicious HTML via repository file uploads.
Vulnerability
Multiple cross-site scripting (XSS) vulnerabilities exist in Sonatype Nexus Repository Manager 3 versions prior to 3.33.0. An authenticated attacker with the ability to add HTML files to a repository can inject malicious scripts. The affected versions include all 3.x releases before 3.33.0.
Exploitation
To exploit, the attacker must have valid authentication and the permission to upload HTML files to a repository. The attacker uploads a crafted HTML file containing malicious JavaScript. When other users access that file or are redirected to Nexus Repository Manager pages that render the file, the script executes in the context of the victim's session.
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript in the victim's browser within the Nexus Repository Manager application. This can lead to session hijacking, unauthorized actions, and data theft, effectively compromising the integrity and confidentiality of the repository management system.
Mitigation
The issue is fixed in Sonatype Nexus Repository Manager version 3.33.0. Users should upgrade to this version or later. No workarounds are documented. The vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Sonatype/Nexus Repository Manager
- Range: <3.33.0
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- support.sonatype.com (MITRE x_refsource_MISC)
- support.sonatype.com/hc/en-us/articles/4404115639827 (MITRE x_refsource_MISC)
News mentions
No linked articles in our index yet.