PT-2026-2963 · Sonatype · Nexus Repository 3+1
Publicado
2026-01-14
·
Atualizado
2026-01-15
·
CVE-2026-0601
CVSS v4.0
5.1
Média
| Vetor | AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
Name of the Vulnerable Software and Affected Versions
Nexus Repository 3 (affected versions not specified)
Description
A reflected cross-site scripting issue exists that could allow attackers to execute JavaScript code in a user's browser. This requires a crafted request and user interaction. The issue affects unauthenticated users.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Nexus Repository 3
Nexus Repository Manager