Cross-site Scripting Vulnerability in HP Insight Control Performance Management
CVE-2010-4030

Currently unrated

Key Information:

Vendor: HP
Status: Insight Control Performance Management
Vendor: CVE Published:; 2 November 2010

Summary

HP Insight Control Performance Management, prior to version 6.2, is susceptible to a Cross-site Scripting (XSS) vulnerability. This security flaw permits attackers to inject arbitrary web scripts or HTML into affected systems through unspecified vectors, potentially leading to unauthorized actions and data theft. Users are advised to update their software to mitigate this security risk.

References

http://www.vupen.com/english/advisories/2010/2832

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1024672

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/44585

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Nov 2, 2010
Vulnerability Reserved
Oct 21, 2010