
CVE-2014-3594:
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability in the Host Aggregates interface

CVSS Score: 3.5

Basic Information

EPSS Score: 0.68631%
Published: 5/13/2022
Updated: 5/14/2024
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Package Name   Ecosystem   Vulnerable Versions   First Patched Version
horizon        pip         < 8.0.0a0             8.0.0a0

Vulnerability Intelligence

Root Cause Analysis

The vulnerability arises from the use of Django's unordered_list filter in Horizon's table columns without enabling autoescape. The affected columns (HostAggregatesTable.hosts, HostAggregatesTable.metadata, AvailabilityZonesTable.hosts) rendered user-controlled input (e.g., host aggregate names) without proper escaping. The fix involved wrapping the filter with autoescape=True, confirming that the lack of escaping in the original code was the root cause. The commit diffs explicitly modify these columns to use a safe wrapper, directly linking these functions to the XSS vulnerability.
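To make the root cause concrete, the following is an added, self-contained Python illustration; it is not Horizon's or Django's own code and does not import Django. It mimics the two behaviours of a list-rendering filter like unordered_list: the unescaped rendering the affected columns ended up with, and a wrapper that always enables autoescape, which is the shape of the fix described above. The column callback name, the parser-based review check and the sample host names are constructed for this example.

```python
import html
from html.parser import HTMLParser
from typing import Iterable, List


def render_unordered_list(items: Iterable[str], autoescape: bool) -> str:
    """Constructed stand-in for the list-rendering half of Django's
    unordered_list filter: each item becomes an <li>. When autoescape is
    False the item text is copied into the HTML verbatim, which is the
    behaviour the affected Horizon columns ended up with."""
    escaper = html.escape if autoescape else (lambda text: text)
    return "".join("<li>%s</li>" % escaper(str(item)) for item in items)


def hosts_column_before_fix(hosts: Iterable[str]) -> str:
    """Pre-fix pattern (hypothetical column callback): the filter is applied
    without autoescape, so markup in a host or aggregate name goes live."""
    return render_unordered_list(hosts, autoescape=False)


def safe_unordered_list(hosts: Iterable[str]) -> str:
    """Post-fix pattern: a wrapper that always enables autoescape, mirroring
    the idea of the Horizon change (the exact Horizon wrapper is not
    reproduced here)."""
    return render_unordered_list(hosts, autoescape=True)


class _TagCollector(HTMLParser):
    """Collects the start tags a browser would actually interpret."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: List[str] = []

    def handle_starttag(self, tag, attrs) -> None:
        self.tags.append(tag)


def foreign_tags(rendered: str) -> List[str]:
    """Review check: any tag other than <li>/<ul> in a rendered column cell
    means user input was interpreted as markup instead of shown as text."""
    parser = _TagCollector()
    parser.feed(rendered)
    parser.close()
    return sorted(set(parser.tags) - {"li", "ul"})


# Constructed sample input: two ordinary host names plus one name that an
# administrator typed with markup in it (the kind of input this CVE concerns).
SAMPLE_HOSTS = ["compute-01", "compute-02", '<script>alert("xss")</script>']


if __name__ == "__main__":
    before = hosts_column_before_fix(SAMPLE_HOSTS)
    after = safe_unordered_list(SAMPLE_HOSTS)
    print("before fix:", before, "| foreign tags:", foreign_tags(before))
    print("after fix: ", after, "| foreign tags:", foreign_tags(after))
```

The review check is the useful part for a defender: when auditing table columns that feed operator-supplied strings through a filter, render a cell with a marked-up sample and confirm that only the list tags survive. The wrapper pattern matters because column filters are called directly from Python rather than from a template, so the template engine's autoescaping does not apply and the filter must be told to escape explicitly.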

WAF Protection Rules

WAF Rule

Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name.
