horizon@13.0.0.0rc2 vulnerabilities

OpenStack Dashboard

Direct Vulnerabilities

Known vulnerabilities in the horizon package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
URL Redirection to Untrusted Site ('Open Redirect')

Affected versions of this package are vulnerable to URL Redirection to Untrusted Site ('Open Redirect') due to a lack of validation of the next parameter. An attacker can redirect users to a malicious URL by supplying a specially crafted URL in Horizon that exploits this parameter.

How to fix URL Redirection to Untrusted Site ('Open Redirect')?

Upgrade horizon to version 15.3.2, 16.2.1, 18.3.3, 18.6.0 or higher.

[,15.3.2) [16.0.0,16.2.1) [17.0.0,18.3.3) [18.4.0,18.6.0)