Unrated severityNVD Advisory· Published Nov 23, 2013· Updated Jun 17, 2026
CVE-2013-6858
CVE-2013-6858
Description
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" or (2) "Network Topology" page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
6- bugs.launchpad.net/horizon/+bug/1247675nvdIssue TrackingPatchThird Party Advisory
- lists.opensuse.org/opensuse-updates/2015-01/msg00040.htmlnvdMailing ListThird Party Advisory
- secunia.com/advisories/55770nvdThird Party Advisory
- secunia.com/advisories/56117nvdThird Party Advisory
- www.securityfocus.com/bid/63787nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2062-1nvdThird Party Advisory
News mentions
0No linked articles in our index yet.