CVE-2012-2144

Published: 04 May 2012

Session fixation vulnerability in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie.

Priority

Medium

Status

Package Release Status
horizon
Launchpad, Ubuntu, Debian
Upstream Needs triage

Patches:
Upstream: https://github.com/openstack/horizon/commit/abc532fa90eac1cc970423339347e318aa8d1b1a