Nexus Repository Manager Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2021-29159

A cross-site scripting (XSS) vulnerability has been discovered in Nexus Repository Manager 3.x before 3.30.1. An attacker with a local account can create entities with crafted properties that when viewed by an administrator can execute arbitrary JavaScript in the context of the NXRM application.