CVE-2026-44371

UNKNOWN View on NVD ↗

Description

Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute javascript in the file browser This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2.

References

https://github.com/OSC/ondemand/security/advisories/GHSA-xcv4-m435-m33h

Published: May 14, 2026 15:16 UTC Modified: May 14, 2026 18:19 UTC