Lucene search
Redhat.comRH:CVE-2020-29565HistoryDec 04, 2020 - 4:51 p.m.
CVE-2020-29565
2020-12-0416:51:48
redhat.com
access.redhat.com
8
0.006 Low
EPSS
Percentile
79.2%
A flaw was found in python-django-horizon. The “next” parameter is not correctly validated allowing a remote attacker to supply a malicious URL in the dashboard that could cause an automatic redirect to the provided malicious site. The highest threat from this vulnerability is to data confidentiality and integrity.
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Related
cvelist
cvelist
CVE-2020-29565
2020-12-04 07:06:03
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : OpenStack Horizon vulnerability (USN-4675-1)
2021-01-05 00:00:00
Debian DSA-4820-1 : horizon - security update
2020-12-29 00:00:00
RHEL 8 : python-django-horizon (RHSA-2020:5411)
2020-12-18 00:00:00
cve
cve
CVE-2020-29565
2020-12-04 08:15:11
redhat
redhat
(RHSA-2020:5411) Moderate: python-django-horizon security update
2020-12-15 17:30:30
(RHSA-2020:5572) Moderate: python-django-horizon security update
2020-12-16 12:55:09
ubuntucve
ubuntucve
CVE-2020-29565
2020-12-04 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4820-1)
2020-12-29 00:00:00
Ubuntu: Security Advisory (USN-4675-1)
2021-01-11 00:00:00
osv
osv
horizon - security update
2020-12-27 00:00:00
CVE-2020-29565
2020-12-04 08:15:11
horizon vulnerability
2021-01-05 13:20:31
nvd
nvd
CVE-2020-29565
2020-12-04 08:15:11
ubuntu
ubuntu
OpenStack Horizon vulnerability
2021-01-05 00:00:00
prion
prion
Design/Logic Flaw
2020-12-04 08:15:00
debiancve
debiancve
CVE-2020-29565
2020-12-04 08:15:11
debian
debian
[SECURITY] [DSA 4820-1] horizon security update
2020-12-27 18:20:09
github
github
OpenStack Horizon Open redirect in workflow forms
2022-05-24 17:35:25
veracode
veracode
Open Redirection
2020-12-07 06:03:46