Open Redirect Vulnerability in OpenStack Dashboard by Canonical
CVE-2012-3540
Currently unrated
Summary
An open redirect vulnerability exists in the OpenStack Dashboard (Horizon) Essex (2012.1). Remote attackers can manipulate the 'next' parameter of auth/login to redirect users to unauthorized external web sites. This creates a significant phishing risk: attackers can use the redirect to deceive users and lead them to malicious sites that may compromise their sensitive information.
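A server-side check of the kind that closes this class of bug, as an added example that is not Horizon's code or the fix shipped for this CVE: the 'next' value is honoured only when it is a same-site path or an http(s) URL on the dashboard's own host. The function names, the host `dashboard.example`, the default path and all sample values are constructed for illustration.

```python
from urllib.parse import urlsplit

DEFAULT_REDIRECT = "/"  # assumed post-login landing path


def is_safe_next(target, allowed_host):
    """Return True only if `target` keeps the browser on `allowed_host`."""
    if not isinstance(target, str) or not target:
        return False
    # Browsers ignore surrounding whitespace and embedded control characters,
    # so a value carrying them may be parsed differently here than in the browser.
    if target != target.strip() or any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        return False
    # Browsers treat "\" like "/", so "/\host" behaves as "//host".
    normalized = target.replace("\\", "/")
    # "//host/path" is scheme-relative: it leaves the site without naming a scheme.
    if normalized.startswith("//"):
        return False
    try:
        parts = urlsplit(normalized)
    except ValueError:  # e.g. malformed IPv6 literal in the authority
        return False
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only path-absolute values such as "/project/".
        return normalized.startswith("/")
    # Absolute URL: scheme and host (including any port) must match exactly.
    # This also rejects "https:host", "https:/host" and "user@host" tricks,
    # because their parsed netloc is empty or differs from allowed_host.
    return parts.scheme in ("http", "https") and parts.netloc.lower() == allowed_host.lower()


def login_redirect_target(next_param, allowed_host):
    """Pick the post-login redirect: the 'next' value if safe, else the default."""
    return next_param if is_safe_next(next_param, allowed_host) else DEFAULT_REDIRECT


if __name__ == "__main__":
    host = "dashboard.example"  # constructed host name
    samples = [  # constructed 'next' values
        "/nova/instances/", "https://dashboard.example/project/",
        "https://evil.example/auth/login/", "//evil.example/", "/\\evil.example",
        "https:evil.example", "https://dashboard.example@evil.example/",
        "javascript:alert(1)", "",
    ]
    for s in samples:
        print(f"{s!r:45} -> {login_redirect_target(s, host)!r}")
```

`allowed_host` should come from server configuration rather than from the request's Host header, which the client controls.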
References
Timeline
Vulnerability published
Vulnerability Reserved