Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubGitHub Advisory DatabaseGHSA-8G68-2HCJ-H8VG
HistoryMay 13, 2022 - 1:11 a.m.

OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability in the Host Aggregates interface

2022-05-1301:11:27
CWE-79
GitHub Advisory Database
github.com
1

6 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

48.3%

JSON

Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name.

Affected configurations

Vulners
Node
github_advisory_databasehorizonRange<8.0.0a0
CPENameOperatorVersion
horizonlt8.0.0a0

References

Related

redhat 3
altlinux 1
ubuntucve 1
debiancve 1
veracode 3
prion 1
nessus 3
cvelist 1
nvd 1
cve 1
securityvulns 2
ubuntu 1
openvas 1
redhat
redhat
(RHSA-2014:1335) Moderate: python-django-horizon security and bug fix update
2014-09-30 00:00:00
(RHSA-2014:1336) Moderate: python-django-horizon security and bug fix update
2014-09-30 00:00:00
(RHSA-2014:1188) Moderate: python-django-horizon security update
2014-09-15 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package python-module-django-horizon version 2014.1.2-alt2
2014-09-08 00:00:00
ubuntucve
ubuntucve
CVE-2014-3594
2014-08-19 00:00:00
debiancve
debiancve
CVE-2014-3594
2014-08-22 14:55:07
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 09:02:17
Cross-site Scripting (XSS)
2019-05-02 05:03:56
Cross-site Scripting (XSS)
2019-05-02 05:03:56
prion
prion
Cross site scripting
2014-08-22 14:55:00
nessus
nessus
Oracle Solaris Third-Party Patch Update : horizon (cve_2014_3594_cross_site)
2015-01-19 00:00:00
Ubuntu 14.04 LTS : OpenStack Horizon vulnerabilities (USN-2323-1)
2014-08-22 00:00:00
openSUSE Security Update : openstack-dashboard (openSUSE-SU-2015:0078-1)
2015-01-20 00:00:00
cvelist
cvelist
CVE-2014-3594
2014-08-22 14:00:00
nvd
nvd
CVE-2014-3594
2014-08-22 14:55:07
cve
cve
CVE-2014-3594
2014-08-22 14:55:07
securityvulns
securityvulns
[USN-2323-1] OpenStack Horizon vulnerabilities
2014-08-24 00:00:00
OpenStack multiple security vulnerabilities
2014-08-24 00:00:00
ubuntu
ubuntu
OpenStack Horizon vulnerabilities
2014-08-21 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2323-1)
2014-08-22 00:00:00

6 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

48.3%

JSON
Related for GHSA-8G68-2HCJ-H8VG
redhat3altlinux1ubuntucve1debiancve1veracode3prion1nessus3cvelist1nvd1cve1securityvulns2ubuntu1openvas1