PT-2018-16883 · Sonatype · Nexus Repository Manager

Daniel Ostovary

Published

2018-02-09

Updated

2018-02-27

CVE-2018-5306

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Sonatype Nexus Repository Manager versions 3.x before 3.8

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via several parameters and fields, including:

the repoId or format parameter to the "service/siesta/healthcheck/healthCheckFileDetail/.../index.html" endpoint,
the filename in the "File Upload" functionality of the Staging Upload,
the username when creating a new user,
the IQ Server URL field in the IQ Server Connection functionality.

Recommendations For versions 3.x before 3.8, update to version 3.8 or later to resolve the issue.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2018-5306

Affected Products

Nexus Repository Manager

PT-2018-16883 · Sonatype · Nexus Repository Manager

CVE-2018-5306

Weakness Enumeration

Related Identifiers

Affected Products

References · 5