CVE-2017-7400

4.8MEDIUM

Key Information

Vendor: Openstack
Status: Horizon
Vendor: CVE Published:; 3 April 2017

Summary

OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping.

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published.
Apr 3, 2017
Vulnerability Reserved.
Apr 3, 2017

Collectors

NVD DatabaseMitre Database