Lucene search

OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability

🗓️ 17 May 2022 03:25:17Reported by GitHub Advisory DatabaseType

OpenStack Dashboard (Horizon) 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 has a Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section allowing remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 15
CVE	CVE-2015-3219	20 Aug 201520:59	–	cve
NVD	CVE-2015-3219	20 Aug 201520:59	–	nvd
Veracode	Cross-site Scripting (XSS)	15 Jan 201909:07	–	veracode
Veracode	Cross-site Scripting (XSS)	2 May 201905:18	–	veracode
Debian CVE	CVE-2015-3219	20 Aug 201520:59	–	debiancve
Cvelist	CVE-2015-3219	20 Aug 201520:00	–	cvelist
Prion	Cross site scripting	20 Aug 201520:59	–	prion
UbuntuCve	CVE-2015-3219	20 Aug 201500:00	–	ubuntucve
OpenVAS	Debian Security Advisory DSA 3617-1 (horizon - security update)	6 Jul 201600:00	–	openvas
OpenVAS	Debian: Security Advisory (DSA-3617-1)	5 Jul 201600:00	–	openvas

Vulners

Node

openstack horizonRange<8.0.0a0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2015-3219
bugs	www.bugs.launchpad.net/horizon/+bug/1453074
lists	www.lists.openstack.org/pipermail/openstack-announce/2015-June/000361.html
rhn	www.rhn.redhat.com/errata/RHSA-2015-1679.html
debian	www.debian.org/security/2016/dsa-3617
openwall	www.openwall.com/lists/oss-security/2015/06/09/7
oracle	www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
github	www.github.com/openstack/horizon/commit/28d8f49786d6df297b2574514916fa782e941e09
github	www.github.com/openstack/horizon/commit/84da479739fbfff75d9492d00fd0ed1a31ea52b3
github	www.github.com/openstack/horizon/commit/dab92e7d2f576caea8f81c8e22a516fb45633794

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 May 2022 03:17Current

6Medium risk

Vulners AI Score6

CVSS24.3

EPSS0.00408

CWE-79