Description
Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2012-0010 | Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console. |
Github GHSA |
GHSA-j772-hpmw-32rm | OpenStack Horizon Cross-site scripting (XSS) vulnerability |
Ubuntu USN |
USN-1439-1 | Horizon vulnerabilities |
References
History
No history.
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T19:26:07.602Z
Reserved: 2012-04-04T00:00:00.000Z
Link: CVE-2012-2094
No data.
Status : Modified
Published: 2012-06-05T22:55:11.153
Modified: 2026-06-16T23:40:58.650
Link: CVE-2012-2094
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
EUVD
Github GHSA
Ubuntu USN