Lucene search

K

PRIOn knowledge basePRION:CVE-2016-4428

HistoryJul 12, 2016 - 7:59 p.m.

Cross site scripting

2016-07-1219:59:00

PRIOn knowledge base

www.prio-n.com

4

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.8%

Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form.

CPENameOperatorVersion
debian_linuxeq8.0
debian_linuxeq9.0
horizoneq9.0.0
horizoneq9.0.1
horizonge8.0.0
horizonle8.0.1
openstackeq7.0
openstackeq6.0
openstackeq8
openstackeq5.0

References

www.debian.org/security/2016/dsa-3617

www.openwall.com/lists/oss-security/2016/06/17/4

access.redhat.com/errata/RHSA-2016:1268

access.redhat.com/errata/RHSA-2016:1269

access.redhat.com/errata/RHSA-2016:1270

access.redhat.com/errata/RHSA-2016:1271

access.redhat.com/errata/RHSA-2016:1272

bugs.launchpad.net/horizon/+bug/1567673

review.openstack.org/329996

review.openstack.org/329997

review.openstack.org/329998

security.openstack.org/ossa/OSSA-2016-010.html

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.8%

Related for PRION:CVE-2016-4428

redhat5 debian2 debiancve1 ubuntu1 nessus4 nvd1 openvas5 osv1 github1 fedora1 redhatcve1 cve1 ubuntucve1 veracode1 cvelist1