Ubuntu Update For Horizon USN-2062-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Chris Chapman discovered cross-site scripting (XSS) vulnerabilities in Horizon via the Volumes and Network Topology pages. An authenticated attacker could exploit these to conduct stored cross-site scripting (XSS) attacks against users viewing these pages in order to modify the contents or steal confidential data within the same domain.

Affected

horizon on Ubuntu 13.10 , Ubuntu 13.04 , Ubuntu 12.10

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2013-December/002351.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-6858

CVSS	Base Score: 1.9 AV:L/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for lightdm USN-1950-1
Ubuntu Update for libnss-db vulnerability USN-922-1
Ubuntu Update for dbus USN-2275-1
Ubuntu Update for suds USN-2008-1
Ubuntu Update for rsyslog USN-1338-1

Ubuntu Update for horizon USN-2062-1

Take action and discover your vulnerabilities