Moderate severityNVD Advisory· Published Jun 5, 2012· Updated Jun 16, 2026
CVE-2012-2094
CVE-2012-2094
Description
Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
horizonPyPI | < 8.0.0a0 | 8.0.0a0 |
Affected products
3Patches
Vulnerability mechanics
References
13- secunia.com/advisories/49024nvdVendor AdvisoryWEB
- secunia.com/advisories/49071nvdVendor AdvisoryWEB
- github.com/advisories/GHSA-j772-hpmw-32rmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2012-2094ghsaADVISORY
- lists.fedoraproject.org/pipermail/package-announce/2012-April/079160.htmlnvdWEB
- ubuntu.com/usn/usn-1439-1nvdWEB
- www.osvdb.org/81742nvdWEB
- bugs.launchpad.net/horizon/+bug/977944nvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/76136nvdWEB
- github.com/openstack/horizon/commit/7f8c788aa70db98ac904f37fa4197fcabb802942nvdWEB
- github.com/openstack/horizon/commit/ab2e27522aaeb0268fcc121bd3eff5a4485f313cghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/horizon/PYSEC-2012-32.yamlghsaWEB
- lists.launchpad.net/openstack/msg10211.htmlnvdWEB
News mentions
0No linked articles in our index yet.