Skip to main content

Skyline

1 CVEs product

Monthly

CVE-2026-40212 MEDIUM This Month

DOM-based cross-site scripting in OpenStack Skyline console interface allows authenticated administrators to execute arbitrary JavaScript via unsafe document.write usage when viewing instance console logs. Affects Skyline versions before 5.0.1, 6.0.0, and 7.0.0. Attack requires administrator authentication and user interaction (UI:R), limiting real-world impact but enabling session hijacking or credential theft from privileged users.

XSS Skyline
NVD
CVSS 3.1
5.4
EPSS
0.0%
EPSS 0% CVSS 5.4
MEDIUM This Month

DOM-based cross-site scripting in OpenStack Skyline console interface allows authenticated administrators to execute arbitrary JavaScript via unsafe document.write usage when viewing instance console logs. Affects Skyline versions before 5.0.1, 6.0.0, and 7.0.0. Attack requires administrator authentication and user interaction (UI:R), limiting real-world impact but enabling session hijacking or credential theft from privileged users.

XSS Skyline
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy