Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to configure the system to gain access to content outside of NXRM via an XXE vulnerability. Fixed in version 3.29.0.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-12-17T01:53:13
Updated: 2020-12-17T01:53:13
Reserved: 2020-11-30T00:00:00
Link: CVE-2020-29436
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-12-17T02:15:12.647
Modified: 2020-12-18T16:42:31.130
Link: CVE-2020-29436
JSON object: View
Redhat Information
No data.
CWE