OpenStack Horizon 2015.1.0

CPE Details

OpenStack Horizon 2015.1.0
openstack
horizon
2015.1.0
2021-03-09
12h05 +00:00
2021-04-20
11h49 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openstack:horizon:2015.1.0:*:*:*:*:*:*:*

Informations

Vendor

openstack

Product

horizon

Version

2015.1.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2015-3219 2015-08-20 18h00 +00:00 Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in OpenStack Dashboard (Horizon) 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handled in the help_text attribute in the Field class.
4.3
CVE-2015-3988 2015-05-19 16h00 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a (1) Glance image, (2) Nova flavor or (3) Host Aggregate.
3.5
CVE-2014-8578 2014-10-31 15h00 +00:00 Cross-site scripting (XSS) vulnerability in the Groups panel in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-3475.
3.5