8 matches found
Cross-site Scripting (XSS)
OpenStack Dashboard horizon provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources. A cross-site scripting XSS flaw was found in the way orchestration templates were handled. An owner of such a template could use this flaw to perform...
Moderate: Red Hat Security Advisory: python-django-horizon security update
Updated python-django-horizon packages that fix multiple security issues are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Security fix for the ALT Linux 7 package python-module-django-horizon version 2014.1.2-alt2
2014.1.2-alt2 built Sept. 8, 2014 Lenar Shakirov in task 129225 Sept. 7, 2014 Lenar Shakirov - Tests disabled temporary - 0101-Add-ru-locale-horizon.patch updated - 0102-CVE-2014-3594.patch added - AutoReq: yes, nopython for theme subpackage...
SUSE-RU-2015:0410-1 Security update for openstack-dashboard
This update for openstack-dashboard fixes a cross-site scripting issue on the unorderedlist filter. bnc891815, CVE-2014-3594 Security Issues: CVE-2014-3475...
[USN-2323-1] OpenStack Horizon vulnerabilities
========================================================================== Ubuntu Security Notice USN-2323-1 August 21, 2014 horizon vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
CVE-2014-3594
CVE-2014-3594 affects OpenStack Horizon (Host Aggregates UI). The vulnerability allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name in the Host Aggregates interface, affecting Horizon releases before 2013.2.4, 2014.1 before 2014.1.2, and Juno before J...
CVE-2014-3594
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
Ubuntu: Security Advisory (USN-2323-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...