Open Redirect Vulnerability in OpenStack Dashboard by Canonical
CVE-2012-3540

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
5 September 2012

Summary

An open redirect vulnerability exists in the OpenStack Dashboard (Horizon) Essex (2012.1). This flaw allows remote attackers to manipulate the 'next' parameter in the auth/login section, redirecting users to unauthorized external web sites. This creates significant risk for attempts at phishing, as attackers can exploit this vulnerability to deceive users, leading them to malicious sites that may compromise their sensitive information.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.