4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
69.2%
Cross-site scripting (XSS) vulnerability in the refresh mechanism in the
log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard
(Horizon) folsom-1 and 2012.1 and earlier allows remote attackers to inject
arbitrary web script or HTML via the guest console.