PYSEC-2026-641

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/horizon/PYSEC-2026-641.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-641
Aliases
Published
2026-07-02T14:13:23.057018Z
Modified
2026-07-06T08:00:37.420206180Z
Summary
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability in the Host Aggregates interface
Details

Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name.

References

Affected packages

PyPI / horizon

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8.0.0a0

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/horizon/PYSEC-2026-641.yaml"