CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
41.7%
Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form.
Vendor | Product | Version | CPE |
---|---|---|---|
horizon_project | horizon | * | cpe:2.3:a:horizon_project:horizon:*:*:*:*:*:*:*:* |
www.debian.org/security/2016/dsa-3617
www.openwall.com/lists/oss-security/2016/06/17/4
access.redhat.com/errata/RHSA-2016:1268
access.redhat.com/errata/RHSA-2016:1269
access.redhat.com/errata/RHSA-2016:1270
access.redhat.com/errata/RHSA-2016:1271
access.redhat.com/errata/RHSA-2016:1272
access.redhat.com/security/cve/CVE-2016-4428
bugs.launchpad.net/horizon/+bug/1567673
bugzilla.redhat.com/show_bug.cgi?id=1343982
github.com/advisories/GHSA-grm6-x6mr-q3cv
github.com/openstack/horizon/commit/62b4e6f30a7ae7961805abdffdb3c7ae5c2b676a
github.com/openstack/horizon/commit/d585e5eb9acf92d10d39b6c2038917a7e8ac71bb
github.com/openstack/horizon/commit/fc8d70560401f3985e5672a4c580f10d51e985a4
nvd.nist.gov/vuln/detail/CVE-2016-4428
review.openstack.org/329996
review.openstack.org/329997
review.openstack.org/329998
security.openstack.org/ossa/OSSA-2016-010.html
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
41.7%