PYSEC-2012-32

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/horizon/PYSEC-2012-32.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2012-32
Withdrawn
2024-11-22T04:37:04Z
Published
2012-06-05T22:55:00Z
Modified
2025-10-09T05:18:49.696983Z
Summary
[none]
Details

Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console.

References

Affected packages

PyPI / horizon

Package

Name
horizon
View open source insights on deps.dev
Purl
pkg:pypi/horizon

Affected ranges

Type
GIT
Repo
https://github.com/openstack/horizon
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
7f8c788aa70db98ac904f37fa4197fcabb802942
Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

12.*
12.0.2
12.0.3
12.0.4
13.*
13.0.0.0b3
13.0.0.0rc1
13.0.0.0rc2
13.0.0
13.0.1
13.0.2
13.0.3
14.*
14.0.0.0b1
14.0.0.0b2
14.0.0.0b3
14.0.0.0rc1
14.0.0.0rc2
14.0.0
14.0.1
14.0.2
14.0.3
14.0.4
14.1.0
15.*
15.0.0.0b1
15.0.0.0b2
15.0.0.0rc1
15.0.0.0rc2
15.0.0
15.1.0
15.1.1
15.2.0
15.3.0
15.3.1
15.3.2
16.*
16.0.0.0b1
16.0.0.0b2
16.0.0.0rc1
16.0.0.0rc2
16.0.0
16.1.0
16.2.0
16.2.1
16.2.2
17.*
17.0.0
17.1.0
18.*
18.0.0
18.1.0
18.2.0
18.3.0
18.3.1
18.3.2
18.3.3
18.3.4
18.3.5
18.4.0
18.4.1
18.5.0
18.6.0
18.6.1
18.6.2
18.6.3
18.6.4
19.*
19.0.0
19.1.0
19.2.0
19.3.0
19.4.0
20.*
20.0.0
20.1.0
20.1.1
20.1.2
20.1.3
20.1.4
20.2.0
21.*
21.0.0
22.*
22.0.0
22.1.0
22.1.1
22.2.0
23.*
23.0.0
23.0.1
23.0.2
23.1.0
23.1.1
23.2.0
23.3.0
23.3.1
23.4.0
24.*
24.0.0
24.0.1
24.0.2
25.*
25.0.0
25.1.0
25.1.1
25.2.0
25.3.0
25.3.1
25.4.0
25.5.0
25.5.1

Database specific

source 
"https://github.com/pypa/advisory-database/blob/main/vulns/horizon/PYSEC-2012-32.yaml"