Lucene search
HistoryMay 19, 2015 - 6:59 p.m.
CVE-2015-3988
cve-2015-3988
cross-site scripting
xss
openstack dashboard
horizon
nvd
security vulnerability
5.3 Medium
AI Score
Confidence
High
3.5 Low
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
53.9%
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a (1) Glance image, (2) Nova flavor or (3) Host Aggregate.
Affected configurations
Node
openstackhorizonMatch2015.1.0
Node
oraclesolarisMatch11.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| openstack:horizon | openstack horizon | eq | 2015.1.0 |
Related
debiancve
debiancve
CVE-2015-3988
2015-05-19 18:59:08
cvelist
cvelist
CVE-2015-3988
2015-05-19 18:00:00
ubuntucve
ubuntucve
CVE-2015-3988
2015-05-19 00:00:00
nvd
nvd
CVE-2015-3988
2015-05-19 18:59:08
prion
prion
Cross site scripting
2015-05-19 18:59:00
debian
debian
[BSA-107] Security Update for horizon
2015-05-26 07:41:43
veracode
veracode
Cross-site Scripting (XSS)
2019-05-02 05:18:05
redhat
redhat
(RHSA-2015:1679) Moderate: python-django-horizon security and bug fix update
2015-08-24 00:00:00
nessus
nessus
RHEL 7 : python-django-horizon (RHSA-2015:1679)
2024-04-27 00:00:00
5.3 Medium
AI Score
Confidence
High
3.5 Low
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
53.9%
Related for CVE-2015-3988