Your submission was sent successfully! Close

CVE-2017-7400

Published: 3 April 2017

OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping.

Notes

AuthorNote
tyhicks
Requires admin privileges
Priority

Negligible

CVSS 3 base score: 4.8

Status

Package Release Status
horizon
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was needed)
trusty Does not exist
(trusty was not-affected [code not present])
upstream
Released (3:10.0.1-1)
xenial Not vulnerable
(2:9.1.2-0ubuntu1)
yakkety Ignored
(reached end-of-life)
zesty Not vulnerable
(3:11.0.1-0ubuntu1)