Описание
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:2014.1~b3-0ubuntu2 |
| lucid | DNE | |
| precise | not-affected | code-not-present |
| quantal | released | 2012.2.4-0ubuntu1.1 |
| raring | released | 1:2013.1.4-0ubuntu1.1 |
| saucy | released | 1:2013.2-0ubuntu1.1 |
| upstream | needs-triage |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page.
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page.
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashb ...
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page.
EPSS
4.3 Medium
CVSS2