CVE-2014-3497
Cross-site scripting (XSS) vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0044 (0.4%)
Percentil: 63.4%
EPSS: 2026-05-06
Afecta
openstack:swiftDescripción técnica
Cross-site scripting (XSS) vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header.
Publicada: 3/7/2014, 17:55:06
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://lists.openstack.org/pipermail/openstack-announce/2014-June/000243.html
- http://secunia.com/advisories/59532
- http://www.openwall.com/lists/oss-security/2014/06/19/10
- http://www.securityfocus.com/bid/68116
- http://www.ubuntu.com/usn/USN-2256-1
- https://review.openstack.org/#/c/101031/
- https://review.openstack.org/#/c/101032/
- http://lists.openstack.org/pipermail/openstack-announce/2014-June/000243.html