GHSA-47vp-44v9-rhgq
Suggest an improvement- Source
- https://github.com/advisories/GHSA-47vp-44v9-rhgq
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-47vp-44v9-rhgq/GHSA-47vp-44v9-rhgq.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-47vp-44v9-rhgq
- Aliases
- Published
- 2022-05-14T03:53:47Z
- Modified
- 2024-05-19T02:24:41.618928Z
- Severity
-
- 4.8 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- OpenStack Horizon Cross-site Scripting (XSS)
- Details
-
OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping.
- Database specific
{ "nvd_published_at": "2017-04-03T14:59:00Z", "severity": "MODERATE", "github_reviewed_at": "2024-05-14T21:28:08Z", "github_reviewed": true, "cwe_ids": [ "CWE-79" ] }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2017-7400
- https://access.redhat.com/errata/RHSA-2017:1598
- https://access.redhat.com/errata/RHSA-2017:1739
- https://launchpad.net/bugs/1667086
- https://opendev.org/openstack/horizon/commit/1407cfe53144146b29679de21f28c952282043ae
- https://opendev.org/openstack/horizon/commit/511b325b45b6bd7a88bb6df1a4639b80d0121277
- https://opendev.org/openstack/horizon/commit/a835dbfbaa2c70329c08d4b8429d49315dc6d651
- https://opendev.org/openstack/horizon/commit/ce80bb6fec3cb0262728e7ae8b9d695cf832e5bf
- http://www.securityfocus.com/bid/97324
Affected packages
PyPI / horizon
Package
- Name
- horizon
- View open source insights on deps.dev
- Purl
- pkg:pypi/horizon
PyPI / horizon
Package
- Name
- horizon
- View open source insights on deps.dev
- Purl
- pkg:pypi/horizon
PyPI / horizon
Package
- Name
- horizon
- View open source insights on deps.dev
- Purl
- pkg:pypi/horizon