CVE-2016-4428

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-4428
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4428.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-4428
Aliases
Downstream
Related
Published
2016-07-12T19:59:03.257Z
Modified
2026-02-14T00:04:58.315269Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form.

References

Affected packages

Git / github.com/openstack/horizon

Affected ranges

Type
GIT
Repo
https://github.com/openstack/horizon
Events
Introduced
593f0b78eea8efbb6d833d66acc7ab4dc852159b
Last affected
fa47798f38b2a58514b93b6613129b0dfca18f36

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4428.json"

Git / github.com/symfony/symfony

Affected ranges

Type
GIT
Repo
https://github.com/symfony/symfony
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5cbeb0a50982de8ef1ee2db410e9edcdf9693a1e
Introduced
45d24033399891ba4a19d4109d6f831f44dabffe
Last affected
3b8cc3cdee3cca23176e1167ced64b29d7d807db

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4428.json"