Cross-Site Scripting Vulnerability in OpenStack Dashboard by OpenStack
CVE-2014-3474

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
31 October 2014

Summary

A Cross-Site Scripting (XSS) vulnerability exists in the OpenStack Dashboard (Horizon) that enables remote authenticated users to inject arbitrary web scripts or HTML through the network name in the Launch Instance menu. This flaw impacts various versions of Horizon, leaving authenticated users susceptible to executing malicious scripts, potentially compromising the integrity and security of the OpenStack environment.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.