Lucene search
K

73 matches found

UbuntuCve
UbuntuCve
added 2020/03/10 3:0 p.m.21 views

CVE-2020-9543

OpenStack Manila =8.0.0 =9.0.0 9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks...

8.3CVSS7.1AI score0.01153EPSS
Exploits1References1
OSV
OSV
added 2020/03/10 3:0 p.m.7 views

UBUNTU-CVE-2020-9543

OpenStack Manila =8.0.0 =9.0.0 9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks...

8.3CVSS7.3AI score0.01153EPSS
Exploits1References2
Fedora
Fedora
added 2018/01/10 10:23 p.m.46 views

[SECURITY] Fedora 26 Update: heketi-5.0.1-1.fc26

Heketi provides a RESTful management interface which can be used to manage the life cycle of GlusterFS volumes. With Heketi, cloud services like OpenStack Manila, Kubernetes, and OpenShift can dynamically provision GlusterFS volumes with any of the supported durability types. Heketi will...

9CVSS0.8AI score0.05495EPSS
Exploits0
OSV
OSV
added 2017/04/21 3:59 p.m.29 views

CVE-2016-6519

Cross-site scripting XSS vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form...

5.4CVSS5.3AI score
Exploits0References7
Prion
Prion
added 2017/04/21 3:59 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form...

3.5CVSS5.6AI score0.01266EPSS
Exploits0References7Affected Software2
OSV
OSV
added 2017/04/21 3:59 p.m.4 views

DEBIAN-CVE-2016-6519

Cross-site scripting XSS vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form...

5.4CVSS5AI score0.01266EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/04/21 3:59 p.m.18 views

CVE-2016-6519

Cross-site scripting XSS vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form...

5.4CVSS6.1AI score0.01266EPSS
Exploits0References3
CVE
CVE
added 2017/04/21 3:0 p.m.92 views

CVE-2016-6519

OpenStack Manila CVE-2016-6519 is a cross-site scripting (XSS) vulnerability in the Shares overview. The flaw allows remote authenticated users to inject arbitrary HTML/JavaScript via the Metadata field in the Create Share form, affecting Manila prior to 2.5.1. The issue arises in the web UI comp...

5.4CVSS5AI score0.01266EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2017/04/21 3:0 p.m.63 views

CVE-2016-6519

Cross-site scripting XSS vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form...

5.4CVSS5.2AI score0.01266EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2016/10/26 2:22 p.m.12 views

openstack-manila-ui: persistent XSS in metadata field

A cross-site scripting flaw was discovered in openstack-manila-ui's Metadata field contained in its "Create Share" form. A user could inject malicious HTML/JavaScript code that would then be reflected in the "Shares" overview. Remote, authenticated, but unprivileged users could exploit this...

5.4CVSS5.7AI score0.01266EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/10/26 2:22 p.m.4 views

openstack-manila-ui: persistent XSS in metadata field

A cross-site scripting flaw was discovered in openstack-manila-ui's Metadata field contained in its "Create Share" form. A user could inject malicious HTML/JavaScript code that would then be reflected in the "Shares" overview. Remote, authenticated, but unprivileged users could exploit this...

5.4CVSS5.7AI score0.01266EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/10/26 2:22 p.m.6 views

openstack-manila-ui: persistent XSS in metadata field

A cross-site scripting flaw was discovered in openstack-manila-ui's Metadata field contained in its "Create Share" form. A user could inject malicious HTML/JavaScript code that would then be reflected in the "Shares" overview. Remote, authenticated, but unprivileged users could exploit this...

5.4CVSS5.7AI score0.01266EPSS
Exploits0References4
CNVD
CNVD
added 2016/09/19 12:0 a.m.5 views

OpenStack manila HTML Injection Vulnerability

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA and Rackspace, Inc. in the United States. An HTML injection vulnerability exists in OpenStack manila. As the program fails to adequately filter user-submitted input. When a user...

5.4CVSS7.7AI score0.01266EPSS
Exploits0References1
Rows per page
Query Builder