Cross-Site Scripting Vulnerability in HP Insight Diagnostics Online Edition
CVE-2010-4111

Currently unrated

Key Information:

Vendor: HP
Status: Insight Diagnostics
Vendor: CVE Published:; 22 December 2010

Summary

A Cross-Site Scripting (XSS) vulnerability exists in HP Insight Diagnostics Online Edition prior to version 8.5.1.3712. This security flaw allows remote attackers to execute arbitrary web scripts or HTML, potentially compromising the security of user sessions and sensitive information through unspecified vectors. Organizations using affected versions are encouraged to upgrade to mitigate risk.

References

http://marc.info/?l=bugtraq&m=129245189832672&w=2

vendor-advisoryx_refsource_HP

http://www.securitytracker.com/id?1024897

vdb-entryx_refsource_SECTRACK

http://marc.info/?l=bugtraq&m=129245189832672&w=2

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
Dec 22, 2010
Vulnerability Reserved
Oct 27, 2010