Cross-site Scripting Vulnerability in HP Insight Control Virtual Machine Management
CVE-2010-3987

Currently unrated

Key Information:

Vendor: HP
Status: Insight Control Virtual Machine Management
Vendor: CVE Published:; 28 October 2010

Summary

A cross-site scripting vulnerability exists in HP Insight Control Virtual Machine Management prior to version 6.2. This flaw allows remote attackers to inject arbitrary web scripts or HTML into affected systems through various vectors, potentially leading to unauthorized actions and information disclosure. Organizations utilizing this software should ensure they apply the appropriate patches and updates to mitigate the risks associated with this vulnerability.

References

http://marc.info/?l=bugtraq&m=128811259326540&w=2

vendor-advisoryx_refsource_HP

http://marc.info/?l=bugtraq&m=128811259326540&w=2

vendor-advisoryx_refsource_HP

http://www.securitytracker.com/id?1024641

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Oct 28, 2010
Vulnerability Reserved
Oct 18, 2010