Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Pen Drive
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-13083 1 Redhat 1 Pen Drive 2026-07-08 N/A 6.9 MEDIUM
A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-site scripting (XSS) payload into cluster objects (such as ClusterVersion spec.channel) that executes in the browser of any user who opens the generated HTML report.