Cross-Site Scripting Vulnerability in OpenStack Dashboard by OpenStack
CVE-2014-3594

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
22 August 2014

Summary

A cross-site scripting (XSS) vulnerability exists in the Host Aggregates interface of OpenStack Dashboard (Horizon) where remote administrators can inject arbitrary web scripts or HTML through the new host aggregate name. This issue allows an attacker to potentially execute malicious scripts in the context of users accessing the affected interface, leading to possible data theft or other harmful actions.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.