Red Hat Security Advisory 2014-1335-01 - OpenStack Dashboard provides administrators and users a graphical interface to access, provision and automate cloud-based resources. The dashboard allows cloud administrators to get an overall view of the size and state of the cloud and it provides end-users a self-service portal to provision their own resources within the limits set by administrators. A persistent cross-site scripting flaw was found in the horizon host aggregate interface. A user with sufficient privileges to add a host aggregate could potentially use this flaw to capture the credentials of another user.
a575bb471a1906d5d85b6e187c16d39615daade3d959d131ea5d7f03ef1d6817