Vulnerabilities > Sonatype > Nexus Repository Manager > 2.14.9.01

DATE CVE VULNERABILITY TITLE RISK
2018-11-15 CVE-2018-16620 Incorrect Authorization vulnerability in Sonatype Nexus Repository Manager
Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control.
network
low complexity
sonatype CWE-863
7.5
7.5
2018-11-15 CVE-2018-16619 Cross-site Scripting vulnerability in Sonatype Nexus Repository Manager
Sonatype Nexus Repository Manager before 3.14 allows XSS.
network
low complexity
sonatype CWE-79
6.1
6.1