5 matches found
Fedora Update for python-django-horizon FEDORA-2014-5002
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : python-django-horizon-2013.2.3-1.fc20 (2014-5002)
rebase to 2013.2.3, fix CVE-2014-0157 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
CVE-2014-0157
Cross-site scripting XSS vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard aka Horizon 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template...
CVE-2014-0157
CVE-2014-0157 is an XSS in Horizon (OpenStack Dashboard) via the Heat template description field, affecting OpenStack Horizon 2013.2 before 2013.2.4 and Icehouse before icehouse-rc2. Consequence: remote attacker could inject arbitrary script/HTML. Remediation: apply the Horizon fixes (e.g., updat...
OpenStack Horizon Orchestration Dashboard栈模版描述字段存储型跨站脚本漏洞
CVE ID:CVE-2014-0157 OpenStack Horizon用于为所有OpenStack服务提供一个模块化的基于页面的用户接口。 OpenStack Horizon Orchestration dashboard没有校验栈模版的描述符字段输入,允许远程攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时,可获取敏感信息或劫持用户会话。 0 OpenStack Horizon 2013.2 OpenStack Horizon 2013.2.3 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: https://review.openstack.org/86054...