CVE-2018-12100

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-12100
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-12100.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-12100
Published
2018-06-11T11:29:00.473Z
Modified
2026-03-15T14:02:00.323709Z
Severity
  • 4.8 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS in multiple areas in the Administration UI.

References

Affected packages

Git / github.com/sonatype/nexus-public

Affected ranges

Type
GIT
Repo
https://github.com/sonatype/nexus-public
Events
Introduced
d0772489c9be5b7b6617d2cd828f05ab250203de
Fixed
36d2005f828e1e5428fe23c2f3c6d29394b26785
Database specific 
{
    "versions": [
        {
            "introduced": "3.3.0"
        },
        {
            "fixed": "3.12.0"
        }
    ]
}

Affected versions

release-3.*
release-3.3.0-01
release-3.4.0-02
release-3.5.0-02

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-12100.json"