Cross-Site Scripting Vulnerabilities in HP Palm webOS Email Application
CVE-2011-1737

Currently unrated

Key Information:

Vendor: HP
Status: Palm Webos
Vendor: CVE Published:; 13 May 2011

Summary

The Email application in HP Palm webOS versions 1.4.5 and 1.4.5.1 is susceptible to multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities enable remote attackers to inject arbitrary web scripts or HTML through unspecified vectors, potentially compromising user data and application functionality. This can lead to unauthorized actions being performed on behalf of the user, making it imperative for users to apply security patches and updates to mitigate these risks.

References

http://www.securitytracker.com/id?1025514

vdb-entryx_refsource_SECTRACK

https://www.itrc.hp.com/service/cki/docDisplay.do?docId=e...

vendor-advisoryx_refsource_HP

https://www.itrc.hp.com/service/cki/docDisplay.do?docId=e...

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
May 13, 2011
Vulnerability Reserved
Apr 19, 2011