Back to search
CVE-2026-44371
Published: May 14, 2026
Modified: May 14, 2026
PUBLISHED
Description
Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute javascript in the file browser This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2.
| Vendor | Product | Versions |
|---|---|---|
OSC | ondemand | affected < 4.0.11affected >= 4.1.0, < 4.1.5affected >= 4.2.0, < 4.2.2 |
Weaknesses (CWE)
References
https://github.com/OSC/ondemand/security/advisories/GHSA-xcv4-m435-m33h
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now