Package impact

PyPI / horizon

CVE	Severity	CVSS	Risk	Published	Description
CVE-2012-2144	medium	—	6.8	14y ago	OpenStack Horizon Session Fixation
CVE-2012-3540	medium	—	5.8	14y ago	Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a …
CVE-2016-4428	medium	5.4	5.4	10y ago	OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability
CVE-2026-43002	medium	5.3	5.3	23d ago	OpenStack Horizon has Incorrect Behavior Order
CVE-2017-7400	medium	4.8	4.8	4y ago	OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping.
CVE-2015-3219	medium	—	4.3	11y ago	Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in OpenStack Dashboard (Horizon) 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbi…
CVE-2014-3473	medium	—	4.3	12y ago	Horizon-Orchestration Cross-site scripting (XSS) vulnerability through resource name
CVE-2014-0157	medium	—	4.3	12y ago	OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
CVE-2012-2094	medium	—	4.3	14y ago	OpenStack Horizon Cross-site scripting (XSS) vulnerability
CVE-2014-3474	low	—	3.5	12y ago	OpenStack Horizon Cross-site scripting (XSS) vulnerability
CVE-2014-3594	low	—	3.5	12y ago	OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability in the Host Aggregates interface