Description
Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection.
Remediation
References
Related Vulnerabilities
WordPress Plugin Opal Estate Cross-Site Request Forgery (1.6.11)
WordPress Plugin Product Catalog SQL Injection (3.9.8)
WordPress Plugin SS Downloads Multiple Cross-Site Scripting Vulnerabilities (1.4.4.1)
WordPress Plugin Recip.ly 'uploadImage.php' Arbitrary File Upload (1.1.7)
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-9591)