CVE-2026-40212

CVSS v3.1

5.4

Medium

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

OpenStack Skyline before 5.0.1, 6.0.0, and 7.0.0 has a DOM-based Cross-Site Scripting (XSS) vulnerability in the console because document.write is used unsafely, which is relevant in scenarios where administrators use the console web interface to view instance console logs.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2026-40212

Affected Products

Skyline

CVE-2026-40212

Weakness Enumeration

Related Identifiers

Affected Products

References · 5