Oval Definition:	oval:org.opensuse.security:def:20153219
Revision Date: 2019-09-27 Version: 1 Title: CVE-2015-3219 Description: Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in OpenStack Dashboard (Horizon) 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handled in the help_text attribute in the Field class. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-3219 Platform(s): SUSE OpenStack Cloud 5 Product(s): Definition Synopsis SUSE OpenStack Cloud 5 is installed AND Package Information crowbar-barclamp-nova_dashboard-1.9+git.1443622531.b2b2939-9 is installed OR openstack-dashboard-2014.2.4~a0~dev12-13 is installed OR python-django_openstack_auth-1.1.7-11 is installed OR python-horizon-2014.2.4~a0~dev12-13 is installed
BACK