Lucene search
+L
OpenstackHorizonjuno-1

5 matches found

CVE
CVE
added 2014/10/31 3:0 p.m.97 views

CVE-2014-3474

CVE-2014-3474 is a cross-site scripting (XSS) vulnerability in horizon/static/horizon/js/horizon.instances.js within the Launch Instance menu of the OpenStack Dashboard (Horizon). The affected scope includes Horizon releases before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2. The vul...

3.5CVSS5.1AI score0.01917EPSS
CVE
CVE
added 2014/10/31 3:0 p.m.87 views

CVE-2014-3475

CVE-2014-3475 is an XSS issue in the OpenStack Horizon Users panel (admin/users/). Affected software: OpenStack Horizon before 2013.2.4, OpenStack Horizon 2014.1 before 2014.1.2, and Horizon in the Juno series before Juno-2. Root cause: cross-site scripting via a user email address allows injecti...

3.5CVSS5.4AI score0.01235EPSS
Web
CVE
CVE
added 2014/10/31 3:0 p.m.86 views

CVE-2014-3473

The CVE-2014-3473 entry describes a Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard’s Orchestration/Stack area when used with Heat. Affected versions are Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2. The issue allows remote Orchestration ...

4.3CVSS5.4AI score0.01689EPSS
CVE
CVE
added 2014/10/31 3:0 p.m.84 views

CVE-2014-8578

CVE-2014-8578 : XSS in the OpenStack Horizon Groups panel (remote administrators) via a user email address, affecting Horizon before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2. Root cause: input handling flaw enables arbitrary script/HTML injection. Connected sources confirm the sam...

3.5CVSS5.5AI score0.0118EPSS
CVE
CVE
added 2014/08/22 2:0 p.m.79 views

CVE-2014-3594

CVE-2014-3594 affects OpenStack Horizon (Host Aggregates UI). The vulnerability allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name in the Host Aggregates interface, affecting Horizon releases before 2013.2.4, 2014.1 before 2014.1.2, and Juno before J...

3.5CVSS5.4AI score0.02053EPSS