CVE-2026-25734

Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. Versions prior to 35.8.3, 38.5.4, and 39.3.1 have a stored Cross-Site Scripting XSS vulnerability in the RSE metadata of the WebUI where...

EUVD-2026-8729

Rucio WebUI has a Stored Cross-site Scripting XSS Vulnerability in its Custom RSE Attribute...

CVE-2026-25733 Rucio WebUI Vulnerable to Stored Cross-site Scripting (XSS) through Custom Rule Function

Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. Versions prior to 35.8.3, 38.5.4, and 39.3.1 have a stored Cross-Site Scripting XSS vulnerability in the Custom Rules function of the WebUI where...

EUVD-2026-8728

Rucio WebUI has a Stored Cross-site Scripting XSS vulnerability its Identity Name...

CVE-2026-25136 Rucio WebUI has a Reflected Cross-site Scripting Vulnerability

Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. A reflected Cross-site Scripting vulnerability was located in versions prior to 35.8.3, 38.5.4, and 39.3.1 in the rendering of the ExceptionMessa...

GHSA-H79M-5JJM-JM4Q Rucio WebUI has a Reflected Cross-site Scripting Vulnerability

Summary A reflected Cross-site Scripting vulnerability was located in the rendering of the ExceptionMessage of the WebUI 500 error which could allow attackers to steal login session tokens of users who navigate to a specially crafted URL. Details The WebUI error message renders ExceptionMessage...