Cross-site Scripting Vulnerability in HP SiteScope
CVE-2011-2400

Currently unrated

Key Information:

Vendor: HP
Status: Sitescope
Vendor: CVE Published:; 29 July 2011

Summary

A cross-site scripting vulnerability in HP SiteScope versions 9.x, 10.x, and 11.x enables remote attackers to inject arbitrary web scripts or HTML into affected installations. This flaw can be exploited through unspecified vectors, resulting in potential unauthorized information disclosure and manipulation of the application behavior. Users are advised to apply the latest patches to secure their environments against these attacks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/68867

vdb-entryx_refsource_XF

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
Jul 29, 2011
Vulnerability Reserved
Jun 6, 2011