Lucene search
RedhatCVE-2014-0157HistoryApr 15, 2014 - 2:55 p.m.
CVE-2014-0157
2014-04-1514:55:04
CWE-79
redhat
web.nvd.nist.gov
40
cve-2014-0157
xss
vulnerability
openstack
horizon
dashboard
nvd
security
web script
html
heat template
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.002
Percentile
60.3%
Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template.
Affected configurations
Node
openstackhorizonMatch2013.2
ORopenstackhorizonMatch2013.2.1
ORopenstackhorizonMatch2013.2.2
ORopenstackhorizonMatch2013.2.3
Node
opensuseopensuseMatch13.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| openstack | horizon | 2013.2 | cpe:2.3:a:openstack:horizon:2013.2:*:*:*:*:*:*:* |
| openstack | horizon | 2013.2.1 | cpe:2.3:a:openstack:horizon:2013.2.1:*:*:*:*:*:*:* |
| openstack | horizon | 2013.2.2 | cpe:2.3:a:openstack:horizon:2013.2.2:*:*:*:*:*:*:* |
| openstack | horizon | 2013.2.3 | cpe:2.3:a:openstack:horizon:2013.2.3:*:*:*:*:*:*:* |
| opensuse | opensuse | 13.1 | cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* |
Related
redhat
redhat
(RHSA-2014:0581) Low: python-django-horizon security update
2014-05-29 00:00:00
seebug
seebug
osv
osv
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
2022-05-14 02:09:21
debiancve
debiancve
CVE-2014-0157
2014-04-15 14:55:04
nessus
nessus
Ubuntu 13.10 : horizon vulnerability (USN-2206-1)
2014-05-07 00:00:00
Fedora 20 : python-django-horizon-2013.2.3-1.fc20 (2014-5002)
2014-04-23 00:00:00
openSUSE Security Update : openstack-dashboard (openSUSE-SU-2015:0078-1)
2015-01-20 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 08:52:24
securityvulns
securityvulns
[USN-2206-1] OpenStack Horizon vulnerability
2014-05-07 00:00:00
OpenStack multiple security vulnerabilities
2014-05-07 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2206-1)
2014-05-12 00:00:00
Ubuntu Update for horizon USN-2206-1
2014-05-12 00:00:00
Fedora Update for python-django-horizon FEDORA-2014-5002
2014-05-02 00:00:00
prion
prion
Cross site scripting
2014-04-15 14:55:00
ubuntucve
ubuntucve
CVE-2014-0157
2014-04-15 00:00:00
nvd
nvd
CVE-2014-0157
2014-04-15 14:55:04
ubuntu
ubuntu
OpenStack Horizon vulnerability
2014-05-06 00:00:00
cvelist
cvelist
CVE-2014-0157
2014-04-15 14:00:00
github
github
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
2022-05-14 02:09:21
fedora
fedora
[SECURITY] Fedora 20 Update: python-django-horizon-2013.2.3-1.fc20
2014-04-23 04:34:15
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.002
Percentile
60.3%
Related for CVE-2014-0157