2 matches found
openstack-horizon: multiple XSS flaws
A cross-site scripting XSS flaw was found in the way orchestration templates were handled. An owner of such a template could use this flaw to perform XSS attacks against other Horizon users. CVE-2014-3473 It was found that network names were not sanitized. A malicious user could use this flaw to...
PT-2014-5346 · Openstack +1 · Openstack Dashboard +1
Name of the Vulnerable Software and Affected Versions: OpenStack Dashboard Horizon versions 2013.2.3 and earlier OpenStack Dashboard Horizon versions 2014.1 and earlier, excluding 2014.1.2 and later OpenStack Dashboard Horizon versions Juno and earlier, excluding Juno-2 and later Description: A...