Description Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control. Remediation References CVE-2018-16620 Related Vulnerabilities Osclass Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5162) WordPress Plugin Limit Attempts by BestWebSoft SQL Injection (1.1.0) Oracle Application Server CVE-2007-5526 Vulnerability (CVE-2007-5526) Squid Improper Certificate Validation Vulnerability (CVE-2021-41611) WordPress Plugin NEX-Forms-Ultimate Form builder SQL Injection (3.0) Severity High Classification CVE-2018-16620 CWE-863 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Tags Missing Update Known Vulnerabilities