Cross-Site Scripting Vulnerability in OpenStack Dashboard by OpenStack
CVE-2012-2094
Currently unrated
Summary
A cross-site scripting (XSS) vulnerability exists in the refresh mechanism of the log viewer in OpenStack Dashboard (Horizon). This flaw allows remote attackers to inject arbitrary web scripts or HTML via the guest console, potentially compromising the integrity of user data and session management. The vulnerability is present in Horizon versions Folsom-1 and prior to 2012.1, making it critical for affected users to implement security measures to mitigate the risks.
References
Timeline
Vulnerability published
Vulnerability Reserved