VDB
KO

PYSEC-2026-928

OpenStack Swift Cross-site Scriping vulnerability

Details

Cross-site scripting (XSS) vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / swift
Introduced in: 1.11.0 Fixed in: 2.0.0
Fix pip install --upgrade 'swift>=2.0.0'

References