Cross-Site Scripting Vulnerability in HP SiteScope Management Interface
CVE-2007-4350

Currently unrated

Key Information:

Vendor: HP
Status: Sitescope
Vendor: CVE Published:; 21 October 2008

Summary

A Cross-site scripting (XSS) vulnerability exists in the management interface of HP SiteScope version 9.0 build 911. This flaw allows remote attackers to inject arbitrary web scripts or HTML into the application via SNMP trap messages, potentially leading to unauthorized access and manipulation of sensitive data.

References

http://www.securityfocus.com/bid/31816

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/45958

vdb-entryx_refsource_XF

http://secunia.com/advisories/27126

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Oct 21, 2008
Vulnerability Reserved
Aug 14, 2007