CVE-2026-44371

Vulnerability Description

Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute javascript in the file browser This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2.

Vulnerability Details

Published Date

May 14, 2026

Last Modified

May 14, 2026

CWE ID

CWE-79

Source

NVD

Vendor

OSC

Product

ondemand

External References

https://github.com/OSC/ondemand/security/advisories/GHSA-xcv4-m435-m33h

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment