Your submission was sent successfully! Close

CVE-2012-3540

Published: 5 September 2012

Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by mistake.

Priority

Medium

Status

Package Release Status
horizon
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

natty Does not exist

oneiric Does not exist

precise
Released (2012.1.3+stable~20120815-691dd2-0ubuntu1.1)
upstream
Released (2012.1.1-5)