Cross-Site Scripting Vulnerability in OpenStack Swift by OpenStack
CVE-2014-3497
Currently unrated
Summary
A cross-site scripting vulnerability exists in OpenStack Swift versions 1.11.0 to 1.13.1, allowing remote attackers to inject arbitrary web scripts or HTML into requests via the WWW-Authenticate header. This vulnerability can pose significant risks, potentially enabling attackers to execute JavaScript in the context of the user's session, leading to data theft or unauthorized actions on behalf of the user. It is crucial for administrators using affected versions to apply appropriate security measures and updates to mitigate this risk.
References
Timeline
Vulnerability published
Vulnerability Reserved