CVE-2025-56536
Description
A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the user information parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
OpenNebula versions prior to 7.0 contain a stored XSS via the user information parameter that allows arbitrary script execution.
A stored cross-site scripting (XSS) vulnerability exists in the OpenNebula cloud management platform. The flaw resides in the opennebula-sunstone component, where the user information parameter does not properly sanitize user-supplied input. This allows an attacker to inject malicious web scripts or HTML into the application's data store [2].
Exploitation requires an authenticated attacker to set the user information field, for example with a payload like <image src =q onerror=prompt(8)>. When other users view the affected profile or administrative interface, the injected script executes in the context of their browser session. No additional user interaction beyond viewing the crafted profile is needed [2].
An attacker who successfully exploits this vulnerability can execute arbitrary JavaScript in the victim's browser. This can lead to session hijacking, credential theft, or defacement of the OpenNebula user interface. The CVSS v3 base score of 6.1 (Medium) reflects the need for low-privilege access and the potential for significant confidentiality and integrity impact [1].
The vulnerability affects OpenNebula versions before 7.0. The fix is to upgrade to OpenNebula version 7.0 or later, where input sanitization is applied. Users of earlier versions should update as soon as possible to mitigate the risk [2].
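To make the mechanics and the mitigation concrete, the following is an added example (illustration only, not OpenNebula or Sunstone code): a user information string is rendered into a profile fragment once by raw interpolation, which is the stored-XSS pattern described above, and once with HTML-context escaping, which is the sanitization the fix relies on. The field name `info`, the `user-info` wrapper element and the `containsEventHandlerTag` heuristic are assumptions made for this illustration; the sample value is the payload quoted in the narrative.

```javascript
// Added example, not OpenNebula code. Shows why an unescaped "user information"
// value becomes executable markup, and what HTML-context escaping does to it.

// Constructed sample: the payload quoted in the CVE narrative, as it would sit
// in the data store after an authenticated user set their information field.
const storedUserInfo = "<image src =q onerror=prompt(8)>";

// Escape the characters that can end text content or an attribute value in
// HTML. This is output encoding for an HTML text/attribute context only;
// values placed into URLs or scripts need a different encoder.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable rendering (assumed page shape): the stored value is spliced into
// the markup as-is, so the <image ... onerror=...> becomes a real element and
// the handler runs in the viewer's session.
function renderProfileVulnerable(info) {
  return `<div class="user-info">${info}</div>`;
}

// Hardened rendering: the same value is escaped at the point it enters HTML,
// so the browser shows the text "<image ...>" instead of creating an element.
function renderProfileSafe(info) {
  return `<div class="user-info">${escapeHtml(info)}</div>`;
}

// Review/log-scan heuristic (an assumption, not a parser): flags a rendered
// fragment that contains a tag carrying an on* event-handler attribute. Useful
// for spotting a profile field that was rendered without encoding.
function containsEventHandlerTag(html) {
  return /<[a-z][^>]*\son[a-z]+\s*=/i.test(html);
}

// Render both variants for a given stored value and report which one still
// carries an inline handler after rendering.
function compareRenderings(info) {
  const vulnerable = renderProfileVulnerable(info);
  const safe = renderProfileSafe(info);
  return {
    vulnerable,
    safe,
    vulnerableHasHandler: containsEventHandlerTag(vulnerable),
    safeHasHandler: containsEventHandlerTag(safe),
  };
}

// Stand-alone run: prints the two renderings side by side.
console.log(JSON.stringify(compareRenderings(storedUserInfo), null, 2));
```

The design point is where the encoding happens: escaping at render time, for the specific output context, protects every code path that displays the field, including administrative views that the narrative notes are also affected; filtering on input alone would leave any pre-existing stored values and any bypassed filter rule exposed.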
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:a:opennebula:opennebula:*:*:*:*:*:*:*:* (range: <7.0.0)
- (no CPE) (range: = 6.10.0.1)
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- opennebula.io/opennebula-7/ (nvd, Product)
News mentions
No linked articles in our index yet.