Cross-Site Scripting Vulnerability in OpenStack Dashboard by OpenStack
CVE-2012-2094

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
5 June 2012

Summary

A cross-site scripting (XSS) vulnerability exists in the refresh mechanism of the log viewer in OpenStack Dashboard (Horizon). This flaw allows remote attackers to inject arbitrary web scripts or HTML via the guest console, potentially compromising the integrity of user data and session management. The vulnerability is present in Horizon versions Folsom-1 and prior to 2012.1, making it critical for affected users to implement security measures to mitigate the risks.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.