Nexus Repository Manager 3.21.1-01 Remote Code Execution
Posted on 16 April 2020
This Metasploit module exploits a Java Expression Language (EL) injection in Nexus Repository Manager versions up to and including 3.21.1 to execute code as the Nexus user. Tested against 3.21.1-01.