Cross-Site Scripting Vulnerability in OpenStack Dashboard
CVE-2014-8578

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
31 October 2014

Summary

This vulnerability in the OpenStack Dashboard (Horizon) allows remote administrators to exploit user email addresses for injecting arbitrary web scripts or HTML. Such XSS flaws can lead to unauthorized actions being executed in the context of a user's session, posing significant security threats. It affects several versions of the Horizon dashboard, highlighting a critical need for prompt updates to mitigate these risks.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.