Cross-site Scripting (XSS) Affecting horizon package, versions <2014.1.1-3
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN12-HORIZON-1547770
- published 31 Oct 2014
- disclosed 31 Oct 2014
Introduced: 31 Oct 2014
CVE-2014-8578 Open this link in a new tabHow to fix?
Upgrade Debian:12 horizon to version 2014.1.1-3 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream horizon package and not the horizon package as distributed by Debian.
See How to fix? for Debian:12 relevant fixed versions and status.
Cross-site scripting (XSS) vulnerability in the Groups panel in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-3475.