Page 2 of 6 results (0.003 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. It is possible for a user with appropriate privileges to create, modify, and execute scripting tasks without use of the UI or API. NOTE: in 3.22.0, scripting is disabled by default (making this not exploitable). Se descubrió un problema en Sonatype Nexus Repository Manager en las versiones 3.21.1 y 3.22.0. Es posible que un usuario con los privilegios apropiados cree, modifique y ejecute tareas scripting sin utilizar la Interfaz de Usuario o la API. • https://cwe.mitre.org/data/definitions/284.html https://support.sonatype.com/hc/en-us/articles/360046233714 • CWE-863: Incorrect Authorization •