Lucene search
RootSSV:62126HistoryApr 11, 2014 - 12:00 a.m.
OpenStack Horizon Orchestration Dashboard栈模版描述字段存储型跨站脚本漏洞
2014-04-1100:00:00
Root
www.seebug.org
26
EPSS
0.002
Percentile
60.3%
CVE ID:CVE-2014-0157
OpenStack Horizon用于为所有OpenStack服务提供一个模块化的基于页面的用户接口。
OpenStack Horizon Orchestration dashboard没有校验栈模版的描述符字段输入,允许远程攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时,可获取敏感信息或劫持用户会话。
0
OpenStack Horizon 2013.2
OpenStack Horizon 2013.2.3
目前厂商已经发布了升级补丁以修复漏洞,请下载使用:
https://review.openstack.org/86054
https://review.openstack.org/86056
https://review.openstack.org/86059
Related
redhat
redhat
(RHSA-2014:0581) Low: python-django-horizon security update
2014-05-29 00:00:00
osv
osv
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
2022-05-14 02:09:21
debiancve
debiancve
CVE-2014-0157
2014-04-15 14:55:04
nessus
nessus
Ubuntu 13.10 : horizon vulnerability (USN-2206-1)
2014-05-07 00:00:00
Fedora 20 : python-django-horizon-2013.2.3-1.fc20 (2014-5002)
2014-04-23 00:00:00
openSUSE Security Update : openstack-dashboard (openSUSE-SU-2015:0078-1)
2015-01-20 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 08:52:24
securityvulns
securityvulns
[USN-2206-1] OpenStack Horizon vulnerability
2014-05-07 00:00:00
OpenStack multiple security vulnerabilities
2014-05-07 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2206-1)
2014-05-12 00:00:00
Ubuntu Update for horizon USN-2206-1
2014-05-12 00:00:00
Fedora Update for python-django-horizon FEDORA-2014-5002
2014-05-02 00:00:00
prion
prion
Cross site scripting
2014-04-15 14:55:00
ubuntucve
ubuntucve
CVE-2014-0157
2014-04-15 00:00:00
nvd
nvd
CVE-2014-0157
2014-04-15 14:55:04
cve
cve
CVE-2014-0157
2014-04-15 14:55:04
ubuntu
ubuntu
OpenStack Horizon vulnerability
2014-05-06 00:00:00
cvelist
cvelist
CVE-2014-0157
2014-04-15 14:00:00
github
github
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
2022-05-14 02:09:21
fedora
fedora
[SECURITY] Fedora 20 Update: python-django-horizon-2013.2.3-1.fc20
2014-04-23 04:34:15