Cross-Site Scripting Vulnerability in HP SiteScope Products
CVE-2011-1726

Currently unrated

Key Information:

Vendor: HP
Status: Sitescope
Vendor: CVE Published:; 3 May 2011

Summary

A cross-site scripting (XSS) vulnerability exists in HP SiteScope versions 9.54, 10.13, 11.01, and 11.1 that enables remote attackers to inject arbitrary web scripts or HTML through unspecified vectors. This flaw could allow attackers to execute harmful scripts in the context of users' browsers, potentially compromising user data or affecting the functionality of web applications.

References

http://securityreason.com/securityalert/8235

third-party-advisoryx_refsource_SREASON

http://www.securitytracker.com/id?1025436

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/44354

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
May 3, 2011
Vulnerability Reserved
Apr 19, 2011