Information Disclosure

openstack-keystone is vulnerable to information disclosure attacks. The vulnerability exists as the catalog url replacement in OpenStack Identity Keystone before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint,...

qualityplaysets.com XSS vulnerability

Vulnerable URL: http://www.qualityplaysets.com/Catalog.asp?Submit=List=Residential=1/-///'/"//--...

Important: Red Hat Security Advisory: openstack-keystone security and bug fix update

Updated openstack-keystone packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which...

CVE-2014-3621

The catalog url replacement in OpenStack Identity Keystone before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$admintoken" in the publicurl endpoint field...