Ubuntu Update For Horizon USN-2062-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Chris Chapman discovered cross-site scripting (XSS) vulnerabilities in Horizon via the Volumes and Network Topology pages. An authenticated attacker could exploit these to conduct stored cross-site scripting (XSS) attacks against users viewing these pages in order to modify the contents or steal confidential data within the same domain.

Affected

horizon on Ubuntu 13.10 , Ubuntu 13.04 , Ubuntu 12.10

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2013-December/002351.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-6858
CVSS Base Score: 1.9
AV:L/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for neutron USN-2194-1
Ubuntu Update for qemu-kvm USN-1177-1
Ubuntu Update for kdelibs vulnerability USN-420-1
Ubuntu Update for linux-ec2 USN-1324-1
Ubuntu Update for keystone USN-2034-1

Ubuntu Update for horizon USN-2062-1

Take action and discover your vulnerabilities