CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

Github Security Blog•added 2022/05/13 1:11 a.m.•30 views

Horizon-Orchestration Cross-site scripting (XSS) vulnerability through resource name

Cross-site scripting XSS vulnerability in the Orchestration/Stack section in the Horizon Orchestration dashboard in OpenStack Dashboard Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2, when used with Heat, allows remote Orchestration template owners or catalogs to inject...

4.3CVSS5.8AI score0.01689EPSS

Exploits0References12Affected Software1

Positive Technologies•added 2014/07/09 12:0 a.m.•2 views

PT-2014-5345 · Openstack +1 · Openstack Dashboard +2

Name of the Vulnerable Software and Affected Versions: OpenStack Dashboard Horizon versions prior to 2013.2.4 OpenStack Dashboard Horizon versions 2014.1 prior to 2014.1.2 OpenStack Dashboard Horizon Juno versions prior to Juno-2 Description: A cross-site scripting XSS issue exists in the...

4.3CVSS5AI score0.02053EPSS

Exploits2References30

seebug.org•added 2014/04/11 12:0 a.m.•48 views

OpenStack Horizon Orchestration Dashboard栈模版描述字段存储型跨站脚本漏洞

CVE ID:CVE-2014-0157 OpenStack Horizon用于为所有OpenStack服务提供一个模块化的基于页面的用户接口。 OpenStack Horizon Orchestration dashboard没有校验栈模版的描述符字段输入，允许远程攻击者利用漏洞注入恶意脚本或HTML代码，当恶意数据被查看时，可获取敏感信息或劫持用户会话。 0 OpenStack Horizon 2013.2 OpenStack Horizon 2013.2.3 目前厂商已经发布了升级补丁以修复漏洞，请下载使用： https://review.openstack.org/86054...

4.3CVSS6.5AI score0.01206EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by