OpenStack Horizon 2013.1.1

CPE Details

OpenStack Horizon 2013.1.1
openstack
horizon
2013.1.1
2021-03-09
12h05 +00:00
2021-04-20
11h49 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openstack:horizon:2013.1.1:*:*:*:*:*:*:*

Informations

Vendor

openstack

Product

horizon

Version

2013.1.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2014-8578 2014-10-31 15h00 +00:00 Cross-site scripting (XSS) vulnerability in the Groups panel in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-3475.
3.5
CVE-2013-4471 2014-05-14 17h00 +00:00 The Identity v3 API in OpenStack Dashboard (Horizon) before 2013.2 does not require the current password when changing passwords for user accounts, which makes it easier for remote attackers to change a user password by leveraging the authentication token for that user.
5.5
CVE-2013-6858 2013-11-23 16h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page.
4.3