Description

Sonatype Nexus Repository Manager 3.x before 3.30.1 allows a remote attacker to get a list of files and directories that exist in a UI-related folder via directory traversal (no customer-specific data is exposed).

Remediation

References

CVE-2021-30635

Related Vulnerabilities

WordPress Plugin NextGEN Smooth Gallery 'galleryID' Parameter SQL Injection (1.2)

WordPress 2.0.2 Username Remote PHP Code Injection Vulnerability (0.6.2 - 2.0.2)

WordPress Resource Management Errors Vulnerability (CVE-2014-5266)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12766)

WordPress Plugin Symbiostock-Sell Photos Online For Free! Arbitrary File Upload (6.0.0)

Severity

Medium

Classification

CVE-2021-30635 CWE-22

Tags

Missing Update Known Vulnerabilities