Nixpkgs security tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: gh-skyline

Found 1 matching suggestions

View:
Compact
Detailed
Untriaged
Permalink CVE-2026-40212
5.4 MEDIUM
  • CVSS version (CVSS): 3.1
  • Attack Vector (AV): Network (N)
  • Attack Complexity (AC): Low (L)
  • Privileges Required (PR): Low (L)
  • User Interaction (UI): Required (R)
  • Scope (S): Changed (C)
  • Confidentiality (C): Low (L)
  • Integrity (I): Low (L)
  • Availability (A): None (N)
  • Modified Attack Vector (MAV): Network (N)
  • Modified Attack Complexity (MAC): Low (L)
  • Modified Privileges Required (MPR): Low (L)
  • Modified User Interaction (MUI): Required (R)
  • Modified Confidentiality (MC): Low (L)
  • Modified Scope (MS): Changed (C)
  • Modified Integrity (MI): Low (L)
  • Modified Availability (MA): None (N)
created 1 month, 2 weeks ago Activity log
  • Created suggestion 1 month, 2 weeks ago
OpenStack Skyline before 5.0.1, 6.0.0, and 7.0.0 has a DOM-based …

OpenStack Skyline before 5.0.1, 6.0.0, and 7.0.0 has a DOM-based Cross-Site Scripting (XSS) vulnerability in the console because document.write is used unsafely, which is relevant in scenarios where administrators use the console web interface to view instance console logs.

Affected products

Skyline
  • ==6.0.0
  • ==7.0.0
  • <5.0.1

Matching in nixpkgs

pkgs.gh-skyline

Generate a 3D model of your GitHub contribution history

Package maintainers