CVE-2024-5083

Name of the Vulnerable Software and Affected Versions: Sonatype Nexus Repository 2 versions up to and including 2.15.1

Description: A stored Cross-site Scripting vulnerability has been discovered, which affects the structure of web pages. This issue may allow a remote attacker to perform cross-site scripting attacks by publishing Maven artifacts, potentially leading to unauthorized actions or data theft.

Recommendations: For versions up to and including 2.15.1, update to a version that includes the fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to the maven artifacts to minimize the risk of exploitation. Avoid using the vulnerable Nexus Repository 2 until the issue is resolved.