Lucene search
HistoryApr 15, 2014 - 2:55 p.m.
CVE-2014-0157
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.002
Percentile
60.3%
Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template.
Affected configurations
Node
openstackhorizonMatch2013.2
ORopenstackhorizonMatch2013.2.1
ORopenstackhorizonMatch2013.2.2
ORopenstackhorizonMatch2013.2.3
Node
opensuseopensuseMatch13.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| openstack | horizon | 2013.2 | cpe:2.3:a:openstack:horizon:2013.2:*:*:*:*:*:*:* |
| openstack | horizon | 2013.2.1 | cpe:2.3:a:openstack:horizon:2013.2.1:*:*:*:*:*:*:* |
| openstack | horizon | 2013.2.2 | cpe:2.3:a:openstack:horizon:2013.2.2:*:*:*:*:*:*:* |
| openstack | horizon | 2013.2.3 | cpe:2.3:a:openstack:horizon:2013.2.3:*:*:*:*:*:*:* |
| opensuse | opensuse | 13.1 | cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* |
Related
redhat
redhat
(RHSA-2014:0581) Low: python-django-horizon security update
2014-05-29 00:00:00
osv
osv
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
2022-05-14 02:09:21
seebug
seebug
debiancve
debiancve
CVE-2014-0157
2014-04-15 14:55:04
nessus
nessus
Ubuntu 13.10 : horizon vulnerability (USN-2206-1)
2014-05-07 00:00:00
Fedora 20 : python-django-horizon-2013.2.3-1.fc20 (2014-5002)
2014-04-23 00:00:00
openSUSE Security Update : openstack-dashboard (openSUSE-SU-2015:0078-1)
2015-01-20 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 08:52:24
securityvulns
securityvulns
[USN-2206-1] OpenStack Horizon vulnerability
2014-05-07 00:00:00
OpenStack multiple security vulnerabilities
2014-05-07 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2206-1)
2014-05-12 00:00:00
Ubuntu Update for horizon USN-2206-1
2014-05-12 00:00:00
Fedora Update for python-django-horizon FEDORA-2014-5002
2014-05-02 00:00:00
prion
prion
Cross site scripting
2014-04-15 14:55:00
ubuntucve
ubuntucve
CVE-2014-0157
2014-04-15 00:00:00
cve
cve
CVE-2014-0157
2014-04-15 14:55:04
ubuntu
ubuntu
OpenStack Horizon vulnerability
2014-05-06 00:00:00
cvelist
cvelist
CVE-2014-0157
2014-04-15 14:00:00
github
github
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
2022-05-14 02:09:21
fedora
fedora
[SECURITY] Fedora 20 Update: python-django-horizon-2013.2.3-1.fc20
2014-04-23 04:34:15
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.5
Confidence
High
EPSS
0.002
Percentile
60.3%
Related for NVD:CVE-2014-0157