CVE Reference: CVE-2012-3540

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2012-3540

Description:
Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by mistake.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/78196

UBUNTU
  http://www.ubuntu.com/usn/USN-1565-1

SAID
  Secunia Advisory: SA50480

MLIST
  http://www.openwall.com/lists/oss-security/2012/08/30/4
  http://www.openwall.com/lists/oss-security/2012/08/30/5

CONFIRM

BID
  55329


Return to the previous page.