Opennebula: Security Vulnerabilities
A cross-site scripting (XSS) vulnerability in the custom authenticator driver of opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-04-29
A cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the zone attribute parameter.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-04-29
A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the user information parameter.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-04-29
A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the virtual network template parameter.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-04-29
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in OpenNebula OpenNebula core on Linux allows Remote Code Inclusion.
CVSS Score
9.9
EPSS Score
0.021
Published
2022-10-28
Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-10-28
Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-10-28