Cross-Site Scripting Vulnerability in HP Insight Control Power Management
CVE-2010-4023

Currently unrated

Key Information:

Vendor: HP
Status: Insight Control Power Management
Vendor: CVE Published:; 28 October 2010

What is CVE-2010-4023?

A cross-site scripting (XSS) vulnerability exists in HP Insight Control Power Management versions prior to 6.2. This flaw enables remote attackers to inject arbitrary web scripts or HTML into affected systems through unspecified vectors, potentially compromising the integrity and confidentiality of user data, as well as the overall security of the application.

References

http://marc.info/?l=bugtraq&m=128811282526943&w=2

vendor-advisoryx_refsource_HP

http://www.securitytracker.com/id?1024642

vdb-entryx_refsource_SECTRACK

http://marc.info/?l=bugtraq&m=128811282526943&w=2

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 28, 2010
Vulnerability Reserved
Oct 21, 2010