Share
## https://sploitus.com/exploit?id=PACKETSTORM:220040
# OpenNebula-CVE-2025-56537
    
    **Exploit Title :** OpenNebula 6.10.0.1 - Stored XSS (Cross-site Scripting) in virtual network template                                                          
    **Exploit Author :** Mark Artamonov                
    **Vendor Homepage :** https://opennebula.io/    
    **Tested Version :** OpenNebula 6.10.0.1   
    **Affected Versions :** OpenNebula < 7.0   
    **Affected Component :** opennebula-sunstone    
    **CVE ID :** CVE-2025-56537     
    
    ### **Description:**
    A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the virtual network template parameter.
    
    ### **Payload :**
    ```
    <image src =q onerror=prompt(8)>
    ```
    
    ## **Proof of Concept :**
    <img width="1063" height="645" alt="изображение" src="https://github.com/user-attachments/assets/6d19c255-500f-4280-8802-ac993157334a" />
    <br>
    <img width="1190" height="750" alt="изображение" src="https://github.com/user-attachments/assets/bb89b5f8-4f3f-4da9-a2a8-2256f7e7c420" />
    
    ### **Fix :**
    Upgrade to OpenNebula >=7.0.
    
    ----------------
    
    # OpenNebula-CVE-2025-56536
    
    **Exploit Title :** OpenNebula 6.10.0.1 - Stored XSS (Cross-site Scripting) in user information                                                          
    **Exploit Author :** Mark Artamonov                
    **Vendor Homepage :** https://opennebula.io/    
    **Tested Version :** OpenNebula 6.10.0.1   
    **Affected Versions :** OpenNebula < 7.0   
    **Affected Component :** opennebula-sunstone    
    **CVE ID :** CVE-2025-56536     
    
    ### **Description:**
    A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the user information parameter.
    
    ### **Payload :**
    ```
    <image src =q onerror=prompt(8)>
    ```
    
    ## **Proof of Concept :**
    <img width="1779" height="694" alt="изображение" src="https://github.com/user-attachments/assets/b493d771-441d-4b17-9915-164d30bd89e9" />
    <br>
    <img width="1439" height="740" alt="изображение" src="https://github.com/user-attachments/assets/f712d182-f5ba-417e-8a43-7caee949c56c" />
    
    ### **Fix :**
    Upgrade to OpenNebula >=7.0.
    
    ----------------
    
    # OpenNebula-CVE-2025-56535
    
    **Exploit Title :** OpenNebula 6.10.0.1 - Stored XSS (Cross-site Scripting) in zone attribute                                                          
    **Exploit Author :** Mark Artamonov                
    **Vendor Homepage :** https://opennebula.io/    
    **Tested Version :** OpenNebula 6.10.0.1   
    **Affected Versions :** OpenNebula < 7.0   
    **Affected Component :** opennebula-sunstone    
    **CVE ID :** CVE-2025-56535     
    
    ### **Description:**
    A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the zone attribute parameter.
    
    ### **Payload :**
    ```
    <image src =q onerror=prompt(8)>
    ```
    
    ## **Proof of Concept :**
    <img width="1063" height="755" alt="изображение" src="https://github.com/user-attachments/assets/4a034b1f-b5a6-464a-a680-d0bbdb73ed93" />
    <br>
    <img width="1107" height="749" alt="изображение" src="https://github.com/user-attachments/assets/421b8745-6207-4d56-9447-0b15c5a45314" />
    
    ### **Fix :**
    Upgrade to OpenNebula >=7.0.
    
    ----------------
    
    # OpenNebula-CVE-2025-56534
    
    **Exploit Title :** OpenNebula 6.10.0.1 - Stored XSS (Cross-site Scripting) in the custom authenticator driver                                                          
    **Exploit Author :** Mark Artamonov                
    **Vendor Homepage :** https://opennebula.io/    
    **Tested Version :** OpenNebula 6.10.0.1   
    **Affected Versions :** OpenNebula < 7.0   
    **Affected Component :** opennebula-sunstone    
    **CVE ID :** CVE-2025-56534     
    
    ### **Description:**
    A stored cross-site scripting (XSS) vulnerability in the custom authenticator driver of opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
    
    ### **Payload :**
    ```
    <image src =q onerror=prompt(8)>
    ```
    
    ## **Proof of Concept :**
    <img width="1063" height="698" alt="изображение" src="https://github.com/user-attachments/assets/33097697-e151-437a-9480-7b7ddb094363" />  
    <br>
    <img width="1440" height="711" alt="изображение" src="https://github.com/user-attachments/assets/c9b57595-2dbb-4d67-880f-131664c0a6aa" />
    
    ### **Fix :**
    Upgrade to OpenNebula >=7.0.