Multiple Cross-Site Scripting Vulnerabilities in HP Project and Portfolio Management Center
CVE-2010-0452

Currently unrated

Key Information:

Vendor: HP
Status: Project And Portfolio Management Center
Vendor: CVE Published:; 29 March 2010

Summary

The HP Project and Portfolio Management Center contains multiple cross-site scripting (XSS) vulnerabilities that could allow remote attackers to inject arbitrary web scripts or HTML through various unspecified vectors. Due to this flaw, an attacker may exploit user input to execute harmful scripts in the context of the user’s session, potentially leading to unauthorized actions and data exposure.

References

http://secunia.com/advisories/39105

third-party-advisoryx_refsource_SECUNIA

http://marc.info/?l=bugtraq&m=126953216625011&w=2

vendor-advisoryx_refsource_HP

http://securitytracker.com/id?1023749

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 29, 2010