Back to CVE List

CVE-2026-40212

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score
5.4 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Vulnerability Description

OpenStack Skyline before 5.0.1, 6.0.0, and 7.0.0 has a DOM-based Cross-Site Scripting (XSS) vulnerability in the console because document.write is used unsafely, which is relevant in scenarios where administrators use the console web interface to view instance console logs.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-79
Source
NVD
Vendor
OpenStack
Product
Skyline

External References

Discussion (0)

Add Comment

No comments yet. Be the first!