Lucene search
Veracode Vulnerability DatabaseVERACODE:28504HistoryDec 07, 2020 - 6:03 a.m.
Open Redirection
2020-12-0706:03:46
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
openstack
horizon
vulnerability
redirection
software
EPSS
0.006
Percentile
79.2%
openstack horizon is vulnerable to open redirection. A remote attacker is able to redirect a user to a malicious site via the next parameter.
References
www.openwall.com/lists/oss-security/2020/12/08/2
bugs.launchpad.net/horizon/+bug/1865026
github.com/openstack/horizon/commit/b6736593689d2392b77948507a7e7abfff917614
review.opendev.org/c/openstack/horizon/+/758841/
review.opendev.org/c/openstack/horizon/+/758843/
security.openstack.org/ossa/OSSA-2020-008.html
www.debian.org/security/2020/dsa-4820
Related
cvelist
cvelist
CVE-2020-29565
2020-12-04 07:06:03
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : OpenStack Horizon vulnerability (USN-4675-1)
2021-01-05 00:00:00
Debian DSA-4820-1 : horizon - security update
2020-12-29 00:00:00
RHEL 7 : python-django-horizon (RHSA-2020:5572)
2020-12-18 00:00:00
redhatcve
redhatcve
CVE-2020-29565
2020-12-04 16:51:48
cve
cve
CVE-2020-29565
2020-12-04 08:15:11
redhat
redhat
(RHSA-2020:5411) Moderate: python-django-horizon security update
2020-12-15 17:30:30
(RHSA-2020:5572) Moderate: python-django-horizon security update
2020-12-16 12:55:09
osv
osv
horizon vulnerability
2021-01-05 13:20:31
CVE-2020-29565
2020-12-04 08:15:11
horizon - security update
2020-12-27 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4675-1)
2021-01-11 00:00:00
Debian: Security Advisory (DSA-4820-1)
2020-12-29 00:00:00
debiancve
debiancve
CVE-2020-29565
2020-12-04 08:15:11
prion
prion
Design/Logic Flaw
2020-12-04 08:15:00
ubuntu
ubuntu
OpenStack Horizon vulnerability
2021-01-05 00:00:00
ubuntucve
ubuntucve
CVE-2020-29565
2020-12-04 00:00:00
nvd
nvd
CVE-2020-29565
2020-12-04 08:15:11
debian
debian
[SECURITY] [DSA 4820-1] horizon security update
2020-12-27 18:20:09
github
github
OpenStack Horizon Open redirect in workflow forms
2022-05-24 17:35:25