2026-04-08 22:16:09
Sonatype
PUBLISHED
A reflected cross-site scripting vulnerability exists in Sonatype Nexus Repository versions 3.0.0 through 3.90.2 that allows unauthenticated remote attackers to execute arbitrary JavaScript in a victims browser through a specially crafted URL. Exploitation requires user interaction.