Lucene search

RedhatCVELIST:CVE-2016-4428

HistoryJul 12, 2016 - 7:00 p.m.

CVE-2016-4428

2016-07-1219:00:00

redhat

www.cve.org

AI Score

Confidence

High

EPSS

0.001

Percentile

41.7%

JSON

Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form.

References

www.debian.org/security/2016/dsa-3617

www.openwall.com/lists/oss-security/2016/06/17/4

access.redhat.com/errata/RHSA-2016:1268

access.redhat.com/errata/RHSA-2016:1269

access.redhat.com/errata/RHSA-2016:1270

access.redhat.com/errata/RHSA-2016:1271

access.redhat.com/errata/RHSA-2016:1272

bugs.launchpad.net/horizon/+bug/1567673

review.openstack.org/329996

review.openstack.org/329997

review.openstack.org/329998

security.openstack.org/ossa/OSSA-2016-010.html