Oracle Solaris Third-Party Patch Update : horizon (cve_2014_3594_cross_site)
Low Nessus Plugin ID 80638
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name.
SolutionUpgrade to Solaris 18.104.22.168.0.