Miggo Logo

CVE-2014-3473: Horizon-Orchestration Cross-site scripting (XSS) vulnerability through resource name

N/A

CVSS Score

Basic Information

EPSS Score
0.59896%
Published
5/13/2022
Updated
10/19/2023
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
-
Package NameEcosystemVulnerable VersionsFirst Patched Version
horizonpip< 8.0.0a08.0.0a0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from Horizon's failure to escape user-controlled resource names when generating links in the Orchestration/Stack UI. The pre-patch code in tables.py directly used resource_name in URL construction (via lambda functions), which allowed attackers to inject malicious HTML/scripts. The commits c844bd6 and de4466d fixed this by introducing URL reversal with proper escaping and stack_id binding, confirming the vulnerable code paths.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*ross-sit* s*riptin* (XSS) vuln*r**ility in t** Or***str*tion/St**k s**tion in t** *orizon Or***str*tion **s**o*r* in Op*nSt**k **s**o*r* (*orizon) ***or* ****.*.*, ****.* ***or* ****.*.*, *n* Juno ***or* Juno-*, w**n us** wit* ***t, *llows r*mot* Or

Reasoning

T** vuln*r**ility st*mm** *rom *orizon's **ilur* to *s**p* us*r-*ontroll** r*sour** n*m*s w**n **n*r*tin* links in t** Or***str*tion/St**k UI. T** pr*-p*t** *o** in t**l*s.py *ir**tly us** r*sour**_n*m* in URL *onstru*tion (vi* l*m*** *un*tions), w*i