Описание
Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:2014.1~rc2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1:2014.1~rc2-0ubuntu1]] |
| lucid | DNE | |
| precise | not-affected | code-not-present |
| quantal | not-affected | code-not-present |
| saucy | released | 1:2013.2.3-0ubuntu1.1 |
| trusty | not-affected | 1:2014.1~rc2-0ubuntu1 |
| trusty/esm | DNE | trusty was not-affected [1:2014.1~rc2-0ubuntu1] |
| upstream | released | 2014.1 |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template.
Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template.
Cross-site scripting (XSS) vulnerability in the Horizon Orchestration ...
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
4.3 Medium
CVSS2