In Nexus Repository Manager before 3.18.0, users with elevated privileges can create stored XSS.Referenceshttps://support.sonatype.com/hc/en-us/articles/360033999733-CVE-2019-14469-Nexus-Repository-Manager-3-Cross-Site-Scripting-XSS-2019-07-26
