SB20260113100 - Multiple vulnerabilities in Sonatype Nexus Repository Manager

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2026-0600)

The disclosed vulnerability allows a remote user to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input. A remote administrator can configure a proxy repository with a remote storage URL that, when accessed by users, allows the server to make requests to unintended network destinations including cloud metadata services and internal networks.

2) Cross-site scripting (CVE-ID: CVE-2026-0601)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Remediation

Install update from vendor's website.

References

• https://support.sonatype.com/hc/en-us/articles/47928855816595-CVE-2026-0600-Nexus-Repository-3-Server-Side-Request-Forgery-2026-01-13
• https://support.sonatype.com/hc/en-us/articles/47934334375955-CVE-2026-0601-Nexus-Repository-3-Cross-Site-Scripting-2026-01-13