Vulnerabilities > Sonatype > Nexus Repository Manager > 3.16.2.01
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-22 | CVE-2019-14469 | Cross-site Scripting vulnerability in Sonatype Nexus Repository Manager In Nexus Repository Manager before 3.18.0, users with elevated privileges can create stored XSS. | 3.5 |
| 2019-07-08 | CVE-2019-9630 | Incorrect Default Permissions vulnerability in Sonatype Nexus Repository Manager Sonatype Nexus Repository Manager before 3.17.0 has a weak default of giving any unauthenticated user read permissions on the repository files and images. | 5.0 |
| 2019-07-08 | CVE-2019-9629 | Improper Authentication vulnerability in Sonatype Nexus Repository Manager Sonatype Nexus Repository Manager before 3.17.0 establishes a default administrator user with weak defaults (fixed credentials). | 7.5 |