Cross-Site Scripting Vulnerability in OpenStack Dashboard by OpenStack
CVE-2014-3594
Currently unrated
Summary
A cross-site scripting (XSS) vulnerability exists in the Host Aggregates interface of OpenStack Dashboard (Horizon) where remote administrators can inject arbitrary web scripts or HTML through the new host aggregate name. This issue allows an attacker to potentially execute malicious scripts in the context of users accessing the affected interface, leading to possible data theft or other harmful actions.
References
Timeline
Vulnerability published
Vulnerability Reserved