CVE-2014-3594

2014-08-19T00:00:00
ID UB:CVE-2014-3594
Type ubuntucve
Reporter ubuntu.com
Modified 2014-08-19T00:00:00

Description

Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name.

Bugs

  • <https://bugs.launchpad.net/horizon/+bug/1349491>

Notes

Author| Note
---|---
jdstrand | Horizon on Essex (Ubuntu 12.04) does not have the Host Aggregate interface