Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and previous versions allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openstack horizon |
||
opensuse opensuse 13.1 |
||
canonical ubuntu linux 12.10 |
||
canonical ubuntu linux 13.04 |
||
canonical ubuntu linux 13.10 |