7 matches found
Cross-site Scripting (XSS)
OpenStack Dashboard horizon provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources. A cross-site scripting XSS flaw was found in the way orchestration templates were handled. An owner of such a template could use this flaw to perform...
CVE-2014-3473
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in the Horizon Orchestration dashboard in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2, when used with Heat, allows remote Orchestration template owners or catalogs to inject...
Moderate: Red Hat Security Advisory: python-django-horizon security update
Updated python-django-horizon packages that fix multiple security issues are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Fedora 19 : python-django-1.5.9-1.fc19 (2014-9791)
update to 1.5.9 fixing CVE-2014-3473 CVE-2014-3474 CVE-2014-3475 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing addition...
Fedora Update for python-django FEDORA-2014-9791
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[USN-2323-1] OpenStack Horizon vulnerabilities
========================================================================== Ubuntu Security Notice USN-2323-1 August 21, 2014 horizon vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Ubuntu: Security Advisory (USN-2323-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...