Lucene search

K
redhatcveRedhat.comRH:CVE-2016-4428
HistoryJun 17, 2016 - 10:48 p.m.

CVE-2016-4428

2016-06-1722:48:39
redhat.com
access.redhat.com
10

0.001 Low

EPSS

Percentile

41.7%

A DOM-based, cross-site scripting vulnerability was found in the OpenStack dashboard, where user input was not filtered correctly. An authenticated dashboard user could exploit the flaw by injecting an AngularJS template into a dashboard form (for example, using an image’s description), triggering the vulnerability when another user browsed the affected page. As a result, this flaw could result in user accounts being compromised (for example, user-access credentials being stolen).