Lucene search
K

137 matches found

OpenVAS
OpenVAS
added 2017/10/12 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-3447-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4CVSS5.5AI score0.02068EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2017/07/12 1:12 p.m.7 views

python-django-horizon: XSS in federation mappings UI

A cross-site scripting flaw was discovered in the OpenStack dashboard horizon which allowed remote authenticated administrators to conduct XSS attacks using a crafted federation mapping rule. For this flaw to be exploited, federation mapping must be enabled in the dashboard...

4.8CVSS5.7AI score0.01054EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/06/28 2:52 p.m.7 views

python-django-horizon: XSS in federation mappings UI

A cross-site scripting flaw was discovered in the OpenStack dashboard horizon which allowed remote authenticated administrators to conduct XSS attacks using a crafted federation mapping rule. For this flaw to be exploited, federation mapping must be enabled in the dashboard...

4.8CVSS5.7AI score0.01054EPSS
Exploits0References4
CNVD
CNVD
added 2017/04/05 12:0 a.m.5 views

OpenStack Horizon Cross-Site Scripting Vulnerability (CNVD-2017-05503)

OpenStack is a cloud platform management project. Horizon is a dashboard project that provides users and administrators with a web-based user interface for managing OpenStack services. A cross-site scripting vulnerability exists in OpenStack Horizon versions 9.x through 9.1.1, 10.x through 10.0.2...

4.8CVSS4.9AI score0.01054EPSS
Exploits0References1
OSV
OSV
added 2017/04/03 2:59 p.m.4 views

UBUNTU-CVE-2017-7400

OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping...

4.8CVSS5.8AI score0.01054EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2017/04/03 2:59 p.m.15 views

CVE-2017-7400

OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping...

4.8CVSS6.3AI score0.01054EPSS
Exploits0References2
OSV
OSV
added 2017/04/03 2:59 p.m.2 views

DEBIAN-CVE-2017-7400

OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping...

4.8CVSS6.2AI score0.01054EPSS
Exploits0References1
OSV
OSV
added 2016/10/05 7:33 a.m.7 views

SUSE-SU-2016:2457-1 Security update for openstack-horizon-plugin-manila-ui

This update for openstack-horizon-plugin-manila-ui fixes the metadatatostr function code injection vulnerability. bsc988935, CVE-2016-6519...

5.4CVSS5.7AI score0.01266EPSS
Exploits0References3
OSV
OSV
added 2016/07/12 7:59 p.m.6 views

DEBIAN-CVE-2016-4428

Cross-site scripting XSS vulnerability in OpenStack Dashboard Horizon 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form...

5.4CVSS5.8AI score0.02068EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2016/07/12 7:0 p.m.64 views

CVE-2016-4428

Cross-site scripting XSS vulnerability in OpenStack Dashboard Horizon 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form...

5.4CVSS5.8AI score0.02068EPSS
Exploits0
OSV
OSV
added 2016/07/12 12:0 a.m.3 views

UBUNTU-CVE-2016-4428

Cross-site scripting XSS vulnerability in OpenStack Dashboard Horizon 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form...

5.4CVSS6.8AI score0.02068EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2016/07/12 12:0 a.m.34 views

CVE-2016-4428

Cross-site scripting XSS vulnerability in OpenStack Dashboard Horizon 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form...

5.4CVSS6.8AI score0.02068EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2016/07/06 12:0 a.m.5 views

PT-2016-5954

Name of the Vulnerable Software and Affected Versions OpenStack Dashboard Horizon versions 8.0.1 and earlier OpenStack Dashboard Horizon versions 9.0.0 through 9.0.1 Description A cross-site scripting XSS issue allows remote authenticated users to inject arbitrary web script or HTML by injecting ...

8.2CVSS6.8AI score0.0324EPSS
Exploits0References44
RedHat Linux
RedHat Linux
added 2016/06/21 10:39 p.m.5 views

python-django-horizon: XSS in client side template

A DOM-based, cross-site scripting vulnerability has been identified in the OpenStack dashboard, where user input was not filtered correctly. An authenticated dashboard user could exploit the flaw by injecting an AngularJS template into a dashboard form for example, using an image's description,...

5.4CVSS5.6AI score0.02068EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/06/21 10:24 p.m.7 views

python-django-horizon: XSS in client side template

A DOM-based, cross-site scripting vulnerability has been identified in the OpenStack dashboard, where user input was not filtered correctly. An authenticated dashboard user could exploit the flaw by injecting an AngularJS template into a dashboard form for example, using an image's description,...

5.4CVSS5.6AI score0.02068EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/06/21 10:23 p.m.5 views

python-django-horizon: XSS in client side template

A DOM-based, cross-site scripting vulnerability has been identified in the OpenStack dashboard, where user input was not filtered correctly. An authenticated dashboard user could exploit the flaw by injecting an AngularJS template into a dashboard form for example, using an image's description,...

5.4CVSS5.6AI score0.02068EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/06/21 10:23 p.m.8 views

python-django-horizon: XSS in client side template

A DOM-based, cross-site scripting vulnerability has been identified in the OpenStack dashboard, where user input was not filtered correctly. An authenticated dashboard user could exploit the flaw by injecting an AngularJS template into a dashboard form for example, using an image's description,...

5.4CVSS5.6AI score0.02068EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/08/24 8:15 p.m.5 views

python-django-horizon: persistent XSS in Horizon metadata dashboard

A flaw was discovered in the OpenStack dashboard horizon handling of metadata. Potentially untrusted data was displayed from OpenStack Image service glance images, OpenStack Compute nova flavors, or host aggregates without correct sanitization. The flaw could be used by an authenticated user to...

3.5CVSS5.8AI score0.01799EPSS
Exploits0References4
OSV
OSV
added 2015/08/20 8:59 p.m.5 views

UBUNTU-CVE-2015-3219

Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...

4.3CVSS7.4AI score0.02758EPSS
Exploits1References3
OSV
OSV
added 2015/08/20 8:59 p.m.5 views

DEBIAN-CVE-2015-3219

Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...

4.3CVSS6AI score0.02758EPSS
Exploits1References1
Rows per page
Query Builder