CVE-2015-3219

python-django-horizon: XSS in Heat stack creation

Severity Score

4.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in OpenStack Dashboard (Horizon) 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handled in the help_text attribute in the Field class.

Vulnerabilidad de XSS en la sección Orchestration/Stack en OpenStack Dashboard (Horizon) 2014.2 en versiones anteriores a 2014.2.4 y 2015.1.x en versiones anteriores a 2015.1.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de la descripción de parámetros en una plantilla heat, la cual no se maneja correctamente en el atributo help_text en la clase Field.

A cross-site scripting (XSS) flaw was found in the Horizon orchestration dashboard. An attacker able to trick a Horizon user into using a malicious template during the stack creation could use this flaw to perform an XSS attack on that user.

*Credits: N/A

CVSS Scores

NISTv2 4.3

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-04-10 CVE Reserved
2015-08-20 CVE Published
2023-03-07 EPSS Updated
2024-08-06 CVE Updated
2024-08-06 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

References (9)

URL	Tag	Source
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html	Third Party Advisory
http://www.securityfocus.com/bid/75109	Third Party Advisory

URL	Date	SRC
https://bugs.launchpad.net/horizon/+bug/1453074	2024-08-06

URL	Date	SRC
http://lists.openstack.org/pipermail/openstack-announce/2015-June/000361.html	2016-12-24
http://www.openwall.com/lists/oss-security/2015/06/09/7	2016-12-24

URL	Date	SRC
http://rhn.redhat.com/errata/RHSA-2015-1679.html	2016-12-24
http://www.debian.org/security/2016/dsa-3617	2016-12-24
https://access.redhat.com/security/cve/CVE-2015-3219	2015-08-24
https://bugzilla.redhat.com/show_bug.cgi?id=1228534	2015-08-24

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0"		-		Affected
Openstack Search vendor "Openstack"		Horizon Search vendor "Openstack" for product "Horizon"				2014.2.0 Search vendor "Openstack" for product "Horizon" and version "2014.2.0"		-		Affected
Openstack Search vendor "Openstack"		Horizon Search vendor "Openstack" for product "Horizon"				2014.2.1 Search vendor "Openstack" for product "Horizon" and version "2014.2.1"		-		Affected
Openstack Search vendor "Openstack"		Horizon Search vendor "Openstack" for product "Horizon"				2014.2.2 Search vendor "Openstack" for product "Horizon" and version "2014.2.2"		-		Affected
Openstack Search vendor "Openstack"		Horizon Search vendor "Openstack" for product "Horizon"				2014.2.3 Search vendor "Openstack" for product "Horizon" and version "2014.2.3"		-		Affected
Openstack Search vendor "Openstack"		Horizon Search vendor "Openstack" for product "Horizon"				2015.1.0 Search vendor "Openstack" for product "Horizon" and version "2015.1.0"		-		Affected
Oracle Search vendor "Oracle"		Solaris Search vendor "Oracle" for product "Solaris"				11.2 Search vendor "Oracle" for product "Solaris" and version "11.2"		-		Affected