Lucene search

K
cve[email protected]CVE-2016-4428
HistoryJul 12, 2016 - 7:59 p.m.

CVE-2016-4428

2016-07-1219:59:03
CWE-79
web.nvd.nist.gov
50
cve-2016-4428
cross-site scripting
xss
openstack
horizon
remote authenticated users
angularjs template

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score

5

Confidence

High

EPSS

0.001

Percentile

41.7%

Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form.

Affected configurations

NVD
Node
openstackhorizonRange8.0.08.0.1
OR
openstackhorizonMatch9.0.0
OR
openstackhorizonMatch9.0.1
Node
redhatopenstackMatch6.0
OR
redhatopenstackMatch7.0
OR
redhatopenstackMatch8
Node
redhatopenstackMatch5.0
AND
redhatenterprise_linuxMatch6.0
OR
redhatenterprise_linuxMatch7.0
Node
debiandebian_linuxMatch8.0
OR
debiandebian_linuxMatch9.0
VendorProductVersionCPE
openstackhorizoncpe:/a:openstack:horizon::::
openstackhorizon9.0.1cpe:/a:openstack:horizon:9.0.1:::
openstackhorizon9.0.0cpe:/a:openstack:horizon:9.0.0:::

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score

5

Confidence

High

EPSS

0.001

Percentile

41.7%