Sonatype Nexus Repository Manager 3 Vulnerability Advisory (Severity Medium)

An access control bypass vulnerability (CVE-2020-15868) has been discovered in Nexus Repository Manager 3. We have fixed the vulnerability in version 3.26.0

The vulnerability was discovered and reported by nike.zheng@dbappsecurity.com.cn from Dbappsecurity Co., Ltd.

See Sonatype’s KB article for more detail: https://support.sonatype.com/hc/en-us/articles/360052192533