Description

Sonatype Nexus Repository Manager 3.x before 3.30.1 allows a remote attacker to get a list of files and directories that exist in a UI-related folder via directory traversal (no customer-specific data is exposed).

Remediation

References

CVE-2021-30635

Related Vulnerabilities

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21729)

WordPress 2.8.1 Comment Author URI Cross-Site Scripting Vulnerability (0.6.2 - 2.8.1)

Drupal Core 9.0.0 Security Bypass (9.0.0)

SharePoint CVE-2021-26420 Vulnerability (CVE-2021-26420)

PHP Numeric Errors Vulnerability (CVE-2011-0755)

Severity

Medium

Classification

CVE-2021-30635 CWE-22

Tags

Missing Update Known Vulnerabilities