QwikSec

Security Database

CVE

CWE

Training

CVE-2012-3540

Published: Sep 5, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by mistake.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

openstackdashboard-next-open-redirect(78196)

vdb-entry

x_refsource_XF

https://bugs.launchpad.net/horizon/+bug/1039077

x_refsource_CONFIRM

[oss-security] 20120830 [OSSA 2012-012] Horizon, Open redirect through 'next' parameter (CVE-2012-3542)

mailing-list

x_refsource_MLIST

https://github.com/openstack/horizon/commit/35eada8a27323c0f83c400177797927aba6bc99b

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

vdb-entry

x_refsource_BID

[openstack] 20120830 Re: [OSSA 2012-012] Horizon, Open redirect through 'next' parameter (CVE-2012-3540)

mailing-list

x_refsource_MLIST

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20120830 Re: [Openstack] [OSSA 2012-012] Horizon, Open redirect through 'next' parameter (CVE-2012-3540)

mailing-list

x_refsource_MLIST

[openstack] 20120830 [OSSA 2012-012] Horizon, Open redirect through 'next' parameter (CVE-2012-3542)

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.