Cross-Site Scripting Vulnerability in HP Diagnostics from HP
CVE-2011-0892

Currently unrated

Key Information:

Vendor: HP
Status: Diagnostics
Vendor: CVE Published:; 29 March 2011

Summary

A cross-site scripting vulnerability exists in HP Diagnostics versions 7.5x and 8.0x prior to 8.05.54.225, enabling remote attackers to inject arbitrary web scripts or HTML into the application. This exploitation can lead to unauthorized actions, data theft, or the distribution of malicious content. Users should update to the latest versions to mitigate potential risks.

References

http://www.vupen.com/english/advisories/2011/0798

vdb-entryx_refsource_VUPEN

http://securitytracker.com/id?1025255

vdb-entryx_refsource_SECTRACK

http://securityreason.com/securityalert/8167

third-party-advisoryx_refsource_SREASON

Timeline

Vulnerability published
Mar 29, 2011
Vulnerability Reserved
Feb 4, 2011