exploitDog

CVE-2018-12100

Опубликовано: 11 июн. 2018

Источник: nvd

CVSS3: 4.8

CVSS2: 3.5

EPSS Низкий

Описание

Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS in multiple areas in the Administration UI.

Ссылки

https://community.sonatype.com/t/repository-manager-3-12-0-released/31
Issue Tracking
Third Party Advisory
https://issues.sonatype.org/plugins/servlet/mobile#issue/NEXUS-16870
Issue Tracking
Third Party Advisory
https://issues.sonatype.org/secure/ReleaseNote.jspa?version=17493&projectId=10001
Issue Tracking
Third Party Advisory
https://support.sonatype.com/hc/en-us/articles/360018565994-CVE-2018-12100-Nexus-Repository-Manager-3-Cross-Site-Scripting-XSS-June-4th-2018
Vendor Advisory
https://community.sonatype.com/t/repository-manager-3-12-0-released/31
Issue Tracking
Third Party Advisory
https://issues.sonatype.org/plugins/servlet/mobile#issue/NEXUS-16870
Issue Tracking
Third Party Advisory
https://issues.sonatype.org/secure/ReleaseNote.jspa?version=17493&projectId=10001
Issue Tracking
Third Party Advisory
https://support.sonatype.com/hc/en-us/articles/360018565994-CVE-2018-12100-Nexus-Repository-Manager-3-Cross-Site-Scripting-XSS-June-4th-2018
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sonatype:nexus_repository_manager:*:*:*:*:*:*:*:*

Версия от 3.3.0 (включая) до 3.12.0 (исключая)

EPSS

Процентиль: 56%

0.00342

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-586j-7m8p-vv8r

CVSS3: 4.8

github

больше 3 лет назад

Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS in multiple areas in the Administration UI.

EPSS

Процентиль: 56%

0.00342

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79