Cross-site Scripting Vulnerability in HP AssetCenter and AssetManager Products
CVE-2010-3291

Currently unrated

Key Information:

Vendor: HP
Status: Assetcenter; Assetmanager
Vendor: CVE Published:; 21 October 2010

What is CVE-2010-3291?

The vulnerability allows remote attackers to exploit HP AssetCenter and AssetManager products by injecting arbitrary web scripts or HTML through specific vectors. This may lead to unauthorized actions taken on behalf of users or the exposure of sensitive information. It affects multiple versions of HP AssetCenter and AssetManager, highlighting the importance of regular security audits and updates to safeguard against such attacks.

References

http://secunia.com/advisories/41901

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id?1024615

vdb-entryx_refsource_SECTRACK

http://www.itrc.hp.com/service/cki/docDisplay.do?docId=em...

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 21, 2010
Vulnerability Reserved
Sep 13, 2010