漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus Repository Manager (aka NXRM) 2.x before 2.14.6 allow remote attackers to inject arbitrary web script or HTML via (1) the repoId or (2) format parameter to service/siesta/healthcheck/healthCheckFileDetail/.../index.html; (3) the filename in the "File Upload" functionality of the Staging Upload; (4) the username when creating a new user; or (5) the IQ Server URL field in the IQ Server Connection functionality.
漏洞信息
N/A
漏洞
N/A
漏洞
Sonatype Nexus Repository Manager 跨站脚本漏洞
漏洞信息
Sonatype Nexus Repository Manager(又名NXRM)是一款maven仓库管理器。 Sonatype Nexus Repository Manager 2.14.6之前的2.x版本中存在多个跨站脚本漏洞。远程攻击者可借助多种方法利用该漏洞注入任意的Web脚本或HTML。(多种方法包括:向service/siesta/healthcheck/healthCheckFileDetail/.../index.html文件发送‘repoId’或‘format’参数,借助Staging
漏洞信息
N/A
漏洞
N/A