CVE-2012-2094

Currently unrated

Key Information:

Vendor: Openstack
Status: Horizon
Vendor: CVE Published:; 5 June 2012

Summary

Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console.

References

http://secunia.com/advisories/49024

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/76136

vdb-entryx_refsource_XF

http://www.osvdb.org/81742

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Jun 5, 2012
Vulnerability Reserved
Apr 4, 2012