7 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-45582
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the successurl parameter. CVE-2022-45582 Note that Nessus relies on the presence of...
SUSE CVE-2014-0157
Cross-site scripting XSS vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard aka Horizon 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template...
python-django-horizon: XSS in federation mappings UI
A cross-site scripting flaw was discovered in the OpenStack dashboard horizon which allowed remote authenticated administrators to conduct XSS attacks using a crafted federation mapping rule. For this flaw to be exploited, federation mapping must be enabled in the dashboard...
python-django-horizon: XSS in Heat stack creation
A cross-site scripting XSS flaw was found in the Horizon orchestration dashboard. An attacker able to trick a Horizon user into using a malicious template during the stack creation could use this flaw to perform an XSS attack on that user...
PYSEC-2015-40
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...
dashboard: log file arbitrary file retrieval
It was found that the local log-viewing function of the redhat-access-plugin for OpenStack Dashboard horizon did not sanitize user input. An authenticated user could use this flaw to read an arbitrary file with the permissions of the web server...
PT-2014-3506 · Openstack · Openstack Dashboard
Name of the Vulnerable Software and Affected Versions: OpenStack Dashboard aka Horizon versions 2013.2 before 2013.2.4 OpenStack Dashboard aka Horizon versions icehouse before icehouse-rc2 Description: A cross-site scripting XSS issue exists in the Horizon Orchestration dashboard, allowing remote...