CVE-2025-56534
Description
A cross-site scripting (XSS) vulnerability in the custom authenticator driver of opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stored XSS in OpenNebula's custom authenticator driver allows attackers to execute arbitrary scripts via crafted payload, affecting versions before 7.0.
Vulnerability
Overview
CVE-2025-56534 is a stored cross-site scripting (XSS) vulnerability in the custom authenticator driver of OpenNebula, specifically in the Sunstone web interface (opennebula-sunstone). The flaw exists because user-supplied input is not properly sanitized before being stored and later rendered in the administrative interface, allowing an attacker to inject arbitrary HTML or JavaScript. The issue affects OpenNebula versions prior to 7.0, with version 6.10.0.1 confirmed vulnerable [2].
Exploitation
To exploit this vulnerability, an attacker must have access to the OpenNebula Sunstone web interface and be able to submit a crafted payload through the custom authenticator driver. The provided proof-of-concept uses an <image src=q onerror=prompt(8)> tag to demonstrate stored XSS [2]. The advisory does not explicitly state that authentication is required for the vulnerable component, but in practice the attacker typically needs to be an authenticated user with permissions to configure authentication drivers or to trigger the rendering of the malicious input.
Impact
Successful exploitation allows the attacker to execute arbitrary web scripts or HTML in the context of the victim's browser when they view the affected page. This can lead to session hijacking, credential theft, defacement, or other malicious actions within the Sunstone interface. Since Sunstone is the primary web management console for OpenNebula, an attacker could potentially compromise the entire cloud management interface [2].
Mitigation
The vulnerability is fixed in OpenNebula 7.0 [1][2]. Users running versions prior to 7.0 should upgrade immediately. No workarounds are documented; however, restricting access to the Sunstone web interface and applying strict input validation may reduce risk until a patch is applied.
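The mitigation above names strict input validation, but the PoC payload quoted in the Exploitation section shows why a deny-list of dangerous tags is not enough: it carries no <script> element at all, only an event-handler attribute. The following is an added illustration, not OpenNebula or Sunstone code, using hypothetical helper names; it contrasts a script-tag filter with contextual HTML output encoding on a simulated rendering of a stored driver field.

```javascript
// Added example (not OpenNebula/Sunstone code). Function names and the
// simulated table row are hypothetical; the payload is the one quoted
// in the advisory for CVE-2025-56534.
const POC_PAYLOAD = '<image src=q onerror=prompt(8)>';

// A deny-list filter that only removes <script> elements. It leaves the
// PoC untouched because the PoC never uses a <script> tag.
function stripScriptTags(untrusted) {
  return untrusted.replace(/<script\b[^>]*>[\s\S]*?<\/script>/gi, '');
}

// Contextual output encoding for HTML text and double-quoted attribute
// contexts: every character that can open markup is replaced by an entity,
// so stored input is displayed literally instead of being parsed as HTML.
function escapeHtml(untrusted) {
  const map = {
    '&': '&amp;', '<': '&lt;', '>': '&gt;',
    '"': '&quot;', "'": '&#x27;', '`': '&#x60;',
  };
  return String(untrusted).replace(/[&<>"'`]/g, (ch) => map[ch]);
}

// Simulates the administrative page rendering a stored field (for example a
// driver name) into a table cell through the chosen encoder.
function renderDriverRow(storedValue, encoder) {
  return `<tr><td>${encoder(storedValue)}</td></tr>`;
}

// Demo-only heuristic: is there a real tag that carries an on* event
// handler attribute in the rendered markup? Entity-encoded text such as
// "&lt;image ... onerror=" does not match because it has no "<" tag start.
function hasEventHandlerInTag(html) {
  return /<[a-z][^>]*\bon[a-z]+\s*=/i.test(html);
}

// Run both renderings side by side.
function compareEncoders(payload) {
  return {
    denyList: hasEventHandlerInTag(renderDriverRow(payload, stripScriptTags)),
    outputEncoded: hasEventHandlerInTag(renderDriverRow(payload, escapeHtml)),
  };
}

console.log(compareEncoders(POC_PAYLOAD)); // { denyList: true, outputEncoded: false }
```

The deny-list rendering still contains a live onerror handler, while the output-encoded rendering shows the payload as inert text; the same encode-on-output discipline applies to every stored field the interface displays, not only driver names.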
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- cpe:2.3:a:opennebula:opennebula:*:*:*:*:*:*:*:* (range: <7.0.0)
- (no CPE) (range: =6.10.0.1)
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
[1] opennebula.io/opennebula-7/ (tags: nvd, Product)
News mentions
No linked articles in our index yet.