CVE-2026-3438 | Sonatype Nexus Repository up to 3.90.x cross site scripting

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability marked as problematic has been reported in Sonatype Nexus Repository up to 3.90.x. Impacted is an unknown function. Performing a manipulation results in cross site scripting.

This vulnerability was named CVE-2026-3438. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-3438 | Sonatype Nexus Repository up to 3.90.x cross site scripting

Post correlati

CVE-2024-53476 | SimplCommerce 230310c8d7a0408569b292c5a805c459d47a1d8f Purchase Request race condition

CVE-2024-25601 | Liferay Portal/DXP Expando Module cross site scripting

CVE-2026-33294 | WWBN AVideo up to 25.x HTTP Request save.json.php url_get_contents server-side request forgery (GHSA-66cw-h2mj-j39p)

CVE-2024-51162 | audimexEE up to 15.1.20 Privilege Escalation