Your submission was sent successfully! Close

CVE-2012-2094

Published: 17 April 2012

Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console.

Priority

Medium

Status

Package Release Status
horizon
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

natty Does not exist

oneiric Does not exist

precise
Released (2012.1-0ubuntu8.1)
upstream Needs triage