Description In Nexus Repository Manager before 3.18.0, users with elevated privileges can create stored XSS. Remediation References CVE-2019-14469 Related Vulnerabilities WordPress Plugin VM Backups Cross-Site Request Forgery (1.0) WordPress Plugin Booster for WooCommerce PHP Object Injection (3.0.1) WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (5.5) Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-11322) WordPress Plugin GistPress Cross-Site Scripting (3.0.1) Severity Medium Classification CVE-2019-14469 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities