2 matches found
python-django-horizon: persistent XSS in Horizon metadata dashboard
A flaw was discovered in the OpenStack dashboard horizon handling of metadata. Potentially untrusted data was displayed from OpenStack Image service glance images, OpenStack Compute nova flavors, or host aggregates without correct sanitization. The flaw could be used by an authenticated user to...
PT-2013-3626 · Openstack · Openstack Compute
Name of the Vulnerable Software and Affected Versions: OpenStack Compute Nova versions before 2013.1.3 OpenStack Compute Nova Havana versions before havana-2 Description: The issue allows remote authenticated users to obtain sensitive information, such as flavor properties, boot arbitrary flavors...