Cross-Site Scripting Vulnerability in OpenStack Dashboard by OpenStack
CVE-2016-4428
5.4MEDIUM
Summary
An XSS vulnerability in OpenStack Dashboard (Horizon) allows remote authenticated users to inject arbitrary web scripts or HTML via AngularJS templates within dashboard forms. This flaw could lead to unauthorized access or data manipulation, compromising the integrity of the affected application.
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved