CVE-2017-7400: OpenStack Horizon Cross-site Scripting (XSS)
4.8
CVSS Score
3.0
Basic Information
CVE ID
GHSA ID
EPSS Score
0.44978%
CWE
Published
5/14/2022
Updated
5/14/2024
KEV Status
No
Technology
Python
Technical Details
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
horizon | pip | >= 9.0, < 9.1.2 | 9.1.2 |
horizon | pip | >= 10.0, < 10.0.3 | 10.0.3 |
horizon | pip | >= 11.0.0, < 11.0.1 | 11.0.1 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stemmed from improper sanitization in the federation mappings UI. Commit diffs show the removal of 'safestring.mark_safe()' in the get_rules_as_json function, which previously marked user-controlled JSON data as safe for HTML rendering. This lack of escaping enabled stored XSS when malicious rules were displayed. The direct correlation between the fix and the CWE-79 classification confirms this function's role in the vulnerability.