CVE-2014-3474 in OpenStack and OpenSuse Products
Published on October 31, 2014
Cross-site scripting (XSS) vulnerability in horizon/static/horizon/js/horizon.instances.js in the Launch Instance menu in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to inject arbitrary web script or HTML via a network name.
Products Associated with CVE-2014-3474
stack.watch emails you whenever new vulnerabilities are published in OpenStack Horizon or OpenSuse. Just hit a watch button to start following.
Exploit Probability
EPSS
0.30%
Percentile
53.20%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.