VYPR
Unrated severityNVD Advisory· Published Oct 31, 2014· Updated Jun 17, 2026

CVE-2014-3475

CVE-2014-3475

Description

Cross-site scripting (XSS) vulnerability in the Users panel (admin/users/) in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-8578.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • OpenStack/Horizon3 versions
    cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:*range: >=2013.2,<2013.2.4
    • cpe:2.3:a:openstack:horizon:juno-1:*:*:*:*:*:*:*
    • (no CPE)range: <2013.2.4, <2014.1.2, <Juno-2
  • cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.