Severity by source
AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionGitHub Advisory
vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there is a Stored XSS attack vulnerability via the name field of a templateRef. This can lead to the execution of arbitrary external scripts within the platform's browser context. In the worst case, a malicious user could potentially create a new Global-Admin user, bypassing other security restrictions. The attacker needs the ability to create namespaces. This vulnerability is fixed in 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0.
AnalysisAI
Stored Cross-Site Scripting (XSS) in vCluster Platform allows authenticated attackers with namespace creation privileges to inject malicious scripts via the templateRef name field, potentially escalating to Global-Admin access. The vulnerability affects versions prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0. With a CVSS score of 9.0 and changed scope (S:C), this represents a critical privilege escalation path in Kubernetes multi-tenancy environments. No active exploitation confirmed by CISA KEV at time of analysis, but the low attack complexity (AC:L) and clear attack path make this an immediate patching priority for organizations running vCluster Platform.
Technical ContextAI
vCluster Platform is a Kubernetes-based solution for managing virtual clusters and implementing multi-tenancy architectures. The vulnerability stems from CWE-79 (Improper Neutralization of Input During Web Page Generation), specifically a Stored XSS flaw in the templateRef name field processing. Unlike reflected XSS, stored XSS persists the malicious payload in the application's data store, executing each time the affected data is rendered. The templateRef field appears to be part of vCluster's template management system for virtual cluster configurations. The platform fails to properly sanitize or encode user-supplied input in the name field before rendering it in the web interface, allowing JavaScript injection. The changed scope (S:C) in the CVSS vector indicates the vulnerability can affect resources beyond the vulnerable component's security authority, which aligns with the privilege escalation potential described.
RemediationAI
Immediately upgrade vCluster Platform to patched versions: 4.4.3 or later for 4.4.x users, 4.5.5 or later for 4.5.x users, 4.6.2 or later for 4.6.x users, 4.7.1 or later for 4.7.x users, or 4.8.0 or later for 4.8.x users. Refer to the vendor security advisory at https://github.com/loft-sh/loft/security/advisories/GHSA-x7cq-v3h6-426c for upgrade procedures. If immediate patching is not possible, implement the following compensating controls: restrict namespace creation privileges to only highly trusted administrators (reduces attack surface but limits platform functionality for multi-tenant use cases), implement additional Content Security Policy (CSP) headers at reverse proxy layer to block inline script execution (may break legitimate platform features requiring inline scripts), audit existing templateRef name fields for suspicious JavaScript patterns and sanitize manually (labor-intensive and incomplete mitigation), and enable detailed audit logging for namespace creation and template modifications to detect potential exploitation attempts (detection only, does not prevent attack). These workarounds significantly degrade platform usability and do not fully mitigate the vulnerability; patching remains the only complete remediation.
More in Kubernetes
View allA critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access
Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio
Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.exter
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulne
The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4
Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass
Kamaji is the Hosted Control Plane Manager for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is rem
Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref
String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30301