Cross-Site Scripting Flaw in HP Business Availability Center and Business Service Management
CVE-2011-0274

Currently unrated

Key Information:

Vendor: HP
Status: Business Availability Center; Business Service Management
Vendor: CVE Published:; 24 January 2011

Summary

A security flaw exists in HP Business Availability Center and Business Service Management that permits remote attackers to execute arbitrary web scripts or HTML. This vulnerability can be exploited through various unspecified vectors, potentially enabling attackers to compromise user sessions or manipulate web content viewed by users. Proper security measures must be implemented to mitigate the risks associated with this vulnerability.

References

http://marc.info/?l=bugtraq&m=129562482815203&w=2

vendor-advisoryx_refsource_HP

http://secunia.com/advisories/43014

third-party-advisoryx_refsource_SECUNIA

http://marc.info/?l=bugtraq&m=129562482815203&w=2

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
Jan 24, 2011
Vulnerability Reserved
Dec 23, 2010