CVE-2014-0157 in OpenStack and OpenSuse Products
Published on April 15, 2014
Cross-site scripting (XSS) vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard (aka Horizon) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template.
Products Associated with CVE-2014-0157
stack.watch emails you whenever new vulnerabilities are published in OpenStack Horizon or OpenSuse. Just hit a watch button to start following.
Exploit Probability
EPSS
0.26%
Percentile
49.60%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.