Lucene search
K

137 matches found

Debian CVE
Debian CVE
added 2014/04/15 2:0 p.m.62 views

CVE-2014-0157

Cross-site scripting XSS vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard aka Horizon 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template...

4.3CVSS5.5AI score0.01216EPSS
Exploits1
OSV
OSV
added 2014/04/15 12:0 a.m.4 views

UBUNTU-CVE-2014-0157

Cross-site scripting XSS vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard aka Horizon 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template...

4.3CVSS5.9AI score0.01216EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2014/04/15 12:0 a.m.7 views

PT-2014-3506

Name of the Vulnerable Software and Affected Versions OpenStack Dashboard aka Horizon versions 2013.2 before 2013.2.4 OpenStack Dashboard aka Horizon versions icehouse before icehouse-rc2 Description A cross-site scripting XSS issue exists in the Horizon Orchestration dashboard, allowing remote...

5.1CVSS6AI score0.01216EPSS
Exploits1References21
seebug.org
seebug.org
added 2014/04/11 12:0 a.m.50 views

OpenStack Horizon Orchestration Dashboard栈模版描述字段存储型跨站脚本漏洞

CVE ID:CVE-2014-0157 OpenStack Horizon用于为所有OpenStack服务提供一个模块化的基于页面的用户接口。 OpenStack Horizon Orchestration dashboard没有校验栈模版的描述符字段输入,允许远程攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时,可获取敏感信息或劫持用户会话。 0 OpenStack Horizon 2013.2 OpenStack Horizon 2013.2.3 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: https://review.openstack.org/86054...

4.3CVSS6.5AI score0.01216EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2014/04/03 8:18 p.m.5 views

openstack: horizon multiple XSS vulnerabilities.

Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to 1 "Volumes" or 2 "Network Topology" page...

4.3CVSS5.7AI score0.01734EPSS
Exploits0References4
securityvulns
securityvulns
added 2013/12/23 12:0 a.m.89 views

[USN-2062-1] OpenStack Horizon vulnerability

========================================================================== Ubuntu Security Notice USN-2062-1 December 20, 2013 horizon vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

1.9CVSS5.3AI score0.01734EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2013/03/21 6:11 p.m.41 views

Moderate: Red Hat Security Advisory: Django security update

Updated Django packages that fix multiple security issues are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

5CVSS7.4AI score0.04863EPSS
Exploits2References7
securityvulns
securityvulns
added 2012/10/29 12:0 a.m.73 views

[USN-1565-1] OpenStack Horizon vulnerability

========================================================================== Ubuntu Security Notice USN-1565-1 September 13, 2012 horizon vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

5.8CVSS0.4AI score0.02895EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2012/10/16 5:47 p.m.10 views

OpenStack-Horizon: Open redirect through 'next' parameter

Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...

5.8CVSS6AI score0.02895EPSS
Exploits1References4
NVD
NVD
added 2012/09/05 11:55 p.m.35 views

CVE-2012-3540

Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...

5.8CVSS6.3AI score0.02895EPSS
Exploits1References10
PyPA
PyPA
added 2012/09/05 11:55 p.m.7 views

PYSEC-2012-18

Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...

5.8CVSS6.9AI score0.02895EPSS
Exploits1References11Affected Software1
UbuntuCve
UbuntuCve
added 2012/09/05 12:0 a.m.25 views

CVE-2012-3540

Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...

5.8CVSS5.9AI score0.02895EPSS
Exploits1References3
OSV
OSV
added 2012/06/05 10:55 p.m.3 views

DEBIAN-CVE-2012-2144

Session fixation vulnerability in OpenStack Dashboard Horizon folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie...

6.8CVSS7AI score0.0211EPSS
Exploits1References1
PyPA
PyPA
added 2012/06/05 10:55 p.m.8 views

PYSEC-2012-32

Cross-site scripting XSS vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard Horizon folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console...

4.3CVSS6AI score0.02415EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added 2012/06/05 10:55 p.m.6 views

PYSEC-2012-33

Session fixation vulnerability in OpenStack Dashboard Horizon folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie...

6.8CVSS7AI score0.0211EPSS
Exploits1References12Affected Software1
Prion
Prion
added 2012/06/05 10:55 p.m.13 views

Session fixation

Session fixation vulnerability in OpenStack Dashboard Horizon folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie...

6.8CVSS7AI score0.0211EPSS
Exploits1References10Affected Software1
UbuntuCve
UbuntuCve
added 2012/05/04 3:0 p.m.26 views

CVE-2012-2144

Session fixation vulnerability in OpenStack Dashboard Horizon folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie...

6.8CVSS5.9AI score0.0211EPSS
Exploits1References3
Rows per page
Query Builder