Vulnerabilities

CVE-2026-3438

by Fred · 08/04/2026

A reflected cross-site scripting vulnerability exists in Sonatype Nexus Repository versions 3.0.0 through 3.90.2 that allows unauthenticated remote attackers to execute arbitrary JavaScript in a victim’s browser through a specially crafted URL. Exploitation requires user interaction.

More information : https://help.sonatype.com/en/sonatype-nexus-repository-3-91-0-release-notes.html

Similar

Tags: Cybersecurity Alert