CVE-2014-0153
CVE-2014-0153 affects oVirt REST API prior to the 3.4.1/3.4.x updates, where session IDs are stored in HTML5 local storage. The underlying risk is that an attacker could read a user’s session ID from local storage via a crafted web page, leading to potential confidentiality impact. Affected softw...