Lucene search

131 matches found

Prion
added 2013/11/23 5:55 p.m. | 20 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard Horizon 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page...

CVSS 4.3 | AI score 5.5 | EPSS 0.01734
Exploits: 0 | References: 6 | Affected Software: 3
RedHat Linux
added 2012/10/16 5:47 p.m. | 29 views

Low: Red Hat Security Advisory: python-django-horizon security update

Updated python-django-horizon packages that fix one security issue are now available for Red Hat OpenStack Essex. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...

CVSS 5.8 | AI score 5.8 | EPSS 0.02895
Exploits: 1 | References: 2
OSV
added 2012/09/05 11:55 p.m. | 6 views

CVE-2012-3540

Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...

AI score 6.2
Exploits: 0 | References: 11
OSV
added 2012/09/05 11:55 p.m. | 2 views

DEBIAN-CVE-2012-3540

Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...

CVSS 5.8 | AI score 6.5 | EPSS 0.02895
Exploits: 1 | References: 1
OSV
added 2012/06/05 10:55 p.m. | 6 views

CVE-2012-2094

Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard Horizon folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console...

AI score 5.5
Exploits: 0 | References: 9
OSV
added 2012/06/05 10:55 p.m. | 2 views

DEBIAN-CVE-2012-2094

Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard Horizon folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console...

CVSS 4.3 | AI score 6 | EPSS 0.02415
Exploits: 0 | References: 1
OSV
added 2012/06/05 10:55 p.m. | 5 views

CVE-2012-2144

Session fixation vulnerability in OpenStack Dashboard Horizon folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie...

AI score 6.4
Exploits: 0 | References: 11
PyPA
added 2012/06/05 10:55 p.m. | 8 views

PYSEC-2012-32

Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard Horizon folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console...

CVSS 4.3 | AI score 6 | EPSS 0.02415
Exploits: 0 | References: 10 | Affected Software: 1
CVE
added 2012/06/05 10:0 p.m. | 68 views

CVE-2012-2144

CVE-2012-2144 : Session fixation in OpenStack Horizon (folsom-1 and 2012.1) allows remote attackers to hijack web sessions via the sessionid cookie. Vulnerable component: Horizon UI. Impact: session hijacking via cookie manipulation. Root cause: session fixation through sessionid handling as desc...

CVSS 6.8 | AI score 6.5 | EPSS 0.0211
Exploits: 1 | References: 10 | Affected Software: 1
CVE
added 2012/06/05 10:0 p.m. | 88 views

CVE-2012-2094

CVE-2012-2094 is an OpenStack Horizon XSS vulnerability in the refresh mechanism of the log viewer (horizon/static/horizon/js/horizon.js) affecting folsom-1 and 2012.1 and earlier. The underlying issue allows remote attackers to inject arbitrary script or HTML via the guest console. Documents pro...

CVSS 4.3 | AI score 5.5 | EPSS 0.02415
Exploits: 0 | References: 9 | Affected Software: 1
Debian CVE
added 2012/06/05 10:0 p.m. | 29 views

CVE-2012-2144

Session fixation vulnerability in OpenStack Dashboard Horizon folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie...

CVSS 6.8 | AI score 6.4 | EPSS 0.0211
Exploits: 1