PYSEC-2012-18

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/horizon/PYSEC-2012-18.yaml
JSON Data
https://api.test.osv.dev/v1/vulns/PYSEC-2012-18
Aliases
Published
2012-09-05T23:55:00Z
Modified
2023-11-07T21:41:59.014742Z
Summary
[none]
Details

Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by mistake.

References

Affected packages

PyPI / horizon

Package

Affected ranges

Type
GIT
Repo
https://github.com/openstack/horizon
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

12.*

12.0.2
12.0.3
12.0.4

13.*

13.0.0.0b3
13.0.0.0rc1
13.0.0.0rc2
13.0.0
13.0.1
13.0.2
13.0.3

14.*

14.0.0.0b1
14.0.0.0b2
14.0.0.0b3
14.0.0.0rc1
14.0.0.0rc2
14.0.0
14.0.1
14.0.2
14.0.3
14.0.4
14.1.0

15.*

15.0.0.0b1
15.0.0.0b2
15.0.0.0rc1
15.0.0.0rc2
15.0.0
15.1.0
15.1.1
15.2.0
15.3.0
15.3.1
15.3.2

16.*

16.0.0.0b1
16.0.0.0b2
16.0.0.0rc1
16.0.0.0rc2
16.0.0
16.1.0
16.2.0
16.2.1
16.2.2

17.*

17.0.0
17.1.0

18.*

18.0.0
18.1.0
18.2.0
18.3.0
18.3.1
18.3.2
18.3.3
18.3.4
18.3.5
18.4.0
18.4.1
18.5.0
18.6.0
18.6.1
18.6.2
18.6.3
18.6.4

19.*

19.0.0
19.1.0
19.2.0
19.3.0
19.4.0

20.*

20.0.0
20.1.0
20.1.1
20.1.2
20.1.3
20.1.4
20.2.0

21.*

21.0.0

22.*

22.0.0
22.1.0
22.1.1
22.2.0

23.*

23.0.0
23.1.0
23.2.0
23.3.0