Lucene search
RedHatRHSA-2017:1739HistoryJul 12, 2017 - 12:55 p.m.
(RHSA-2017:1739) Low: python-django-horizon security and bug fix update
2017-07-1212:55:37
access.redhat.com
58
EPSS
0.001
Percentile
44.2%
OpenStack Dashboard (horizon) provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources.
Security Fix(es):
- A cross-site scripting flaw was discovered in the OpenStack dashboard (horizon) which allowed remote authenticated administrators to conduct XSS attacks using a crafted federation mapping rule. For this flaw to be exploited, federation mapping must be enabled in the dashboard. (CVE-2017-7400)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | noarch | python-django-horizon | < 9.0.1-13.el7ost | python-django-horizon-9.0.1-13.el7ost.noarch.rpm |
| RedHat | 7 | noarch | openstack-dashboard-theme | < 9.0.1-13.el7ost | openstack-dashboard-theme-9.0.1-13.el7ost.noarch.rpm |
| RedHat | 7 | noarch | openstack-dashboard | < 9.0.1-13.el7ost | openstack-dashboard-9.0.1-13.el7ost.noarch.rpm |
Related
nvd
nvd
CVE-2017-7400
2017-04-03 14:59:00
redhat
redhat
cve
cve
CVE-2017-7400
2017-04-03 14:59:00
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 09:17:57
github
github
OpenStack Horizon Cross-site Scripting (XSS)
2022-05-14 03:53:47
cvelist
cvelist
CVE-2017-7400
2017-04-03 14:00:00
osv
osv
CVE-2017-7400
2017-04-03 14:59:00
prion
prion
Design/Logic Flaw
2017-04-03 14:59:00
ubuntucve
ubuntucve
CVE-2017-7400
2017-04-03 00:00:00
debiancve
debiancve
CVE-2017-7400
2017-04-03 14:59:00
suse
suse
Security update for several openstack-components (important)
2017-05-30 18:14:20