CVE-2022-45582Open Redirect in Horizon

CWE-601Open Redirect6 documents5 sources
Severity
6.1MEDIUMNVD
EPSS
0.3%
top 47.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Openstack Horizon
Timeline
PublishedAug 22

Description

Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

NVDopenstack/horizon19.4.020.1.4

Patches

Patch: bugs.launchpad.netPatch: bugs.launchpad.net

🔴Vulnerability Details

4
CVEList
CVE-2022-45582: Open Redirect vulnerability in Horizon Web Dashboard 192023-08-22
OSV
Horizon Web Dashboard Open Redirect vulnerability2023-08-22
GHSA
Horizon Web Dashboard Open Redirect vulnerability2023-08-22
OSV
CVE-2022-45582: Open Redirect vulnerability in Horizon Web Dashboard 192023-08-22

📋Vendor Advisories

1
Debian
CVE-2022-45582: horizon - Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the ...2022
CVE-2022-45582 — Open Redirect in Openstack Horizon | cvebase