CVE-2026-3438 | Sonatype Nexus Repository up to 3.90.x cross site scripting

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability marked as problematic has been reported in Sonatype Nexus Repository up to 3.90.x. Impacted is an unknown function. Performing a manipulation results in cross site scripting.

This vulnerability was named CVE-2026-3438. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-3438 | Sonatype Nexus Repository up to 3.90.x cross site scripting

Post correlati

CVE-2025-50467 | OpenMetadata up to 1.4.4 TestDefinitionDAO Interface listCount supportedDataTypeParam sql injection

CVE-2024-41825 | JetBrains TeamCity up to 2024.03.3 Code Inspection Tab cross site scripting

CVE-2025-6252 | qodeinteractive Qi Addons for Elementor Plugin up to 1.9.1 on WordPress several cross site scripting

CVE-2024-29231 | Synology Surveillance Station prior 9.2.0-9289/9.2.0-11289 WebAPI UserPrivilege.Enum array index (SA_24_04)