CNNVD-202601-2360 Information
CNNVD ID
CNNVD-202601-2360
Related CVE
- CNNVD Published: 2026-01-14
Description (Chinese)
Sonatype Nexus Repository是美国Sonatype公司的一款存储库管理器,它主要用于管理、存储和分发软件等。 Sonatype Nexus Repository存在安全漏洞,该漏洞源于对请求参数清理和转义不足,可能导致反射型跨站脚本攻击。
Description (English)
Sonatipe Nexus Repivory is a repository manager of Sonatipe, United States, which is used mainly for the management, storage and distribution of software. There is a security loophole in Sonatipe Nexus Repository, which stems from inadequate clearance and transposition of the requested parameters, which may lead to a cross-station scrip attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Sonatype
Published
2026-01-14
Last Modified
2026-02-24
References
https://help.sonatype.com/en/sonatype-nexus-repository-3-88-0-release-notes.html https://support.sonatype.com/hc/en-us/articles/47934334375955 https://access.redhat.com/security/cve/cve-2026-0601
Patch
https://support.sonatype.com/hc/en-us/articles/47934334375955
Share on: