OpenStack Horizon vulnerability

2012-09-13T00:00:00
ID USN-1565-1
Type ubuntu
Reporter Ubuntu
Modified 2012-09-13T00:00:00

Description

Thomas Biege discovered that the Horizon authentication mechanism
did not validate the next parameter. An attacker could use this to
construct a link to legitimate OpenStack web dashboard that redirected
the user to a malicious website after authentication.