18 matches found
EUVD-2022-3174
Malicious code in bioql PyPI...
SUSE CVE-2014-3594
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
SUSE CVE-2015-3988
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
GHSA-8G68-2HCJ-H8VG OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability in the Host Aggregates interface
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability in the Host Aggregates interface
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
Cross-site Scripting (XSS)
OpenStack Dashboard Horizon provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources. Two security issues were discovered in the Horizon dashboard and are addressed in this update: A cross-site scripting XSS flaw was found in the Horizo...
python-django-horizon: persistent XSS in Horizon metadata dashboard
A flaw was discovered in the OpenStack dashboard horizon handling of metadata. Potentially untrusted data was displayed from OpenStack Image service glance images, OpenStack Compute nova flavors, or host aggregates without correct sanitization. The flaw could be used by an authenticated user to...
openstack-horizon: persistent XSS in Horizon Host Aggregates interface
A persistent cross-site scripting XSS flaw was found in the horizon host aggregate interface. A user with sufficient privileges to add a host aggregate could potentially use this flaw to capture the credentials of another user...
openstack-horizon: persistent XSS in Horizon Host Aggregates interface
A persistent cross-site scripting XSS flaw was found in the horizon host aggregate interface. A user with sufficient privileges to add a host aggregate could potentially use this flaw to capture the credentials of another user...
openstack-horizon: persistent XSS in Horizon Host Aggregates interface
A persistent cross-site scripting XSS flaw was found in the horizon host aggregate interface. A user with sufficient privileges to add a host aggregate could potentially use this flaw to capture the credentials of another user...
CVE-2014-3594
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
DEBIAN-CVE-2014-3594
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
Cross site scripting
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
CVE-2014-3594
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
USN-2323-1: OpenStack Horizon vulnerabilities
Jason Hullinger discovered that OpenStack Horizon did not properly perform input sanitization on Heat templates. If a user were tricked into using a specially crafted Heat template, an attacker could conduct cross-site scripting attacks. With cross-site scripting vulnerabilities, if a user were...
UBUNTU-CVE-2014-3594
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
CVE-2014-3594
Cross-site scripting XSS vulnerability in the Host Aggregates interface in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name...
PT-2014-5410 · Openstack +2 · Openstack Dashboard +2
Name of the Vulnerable Software and Affected Versions: OpenStack Dashboard Horizon versions prior to 2013.2.4 OpenStack Dashboard Horizon versions 2014.1 prior to 2014.1.2 OpenStack Dashboard Horizon Juno versions prior to Juno-3 Description: A cross-site scripting XSS issue exists in the Host...