Cross-Site Scripting Vulnerability in HP Network Automation Products
CVE-2011-2402

Currently unrated

Key Information:

Vendor: HP
Status: Network Automation
Vendor: CVE Published:; 1 August 2011

What is CVE-2011-2402?

An XSS vulnerability exists in HP Network Automation across several versions, allowing unauthorized remote users to inject malicious scripts or HTML through various input vectors. This could lead to session hijacking, data theft, or other malicious actions that compromise the integrity of the application and its data.

References

http://osvdb.org/74133

vdb-entryx_refsource_OSVDB

http://securityreason.com/securityalert/8321

third-party-advisoryx_refsource_SREASON

http://marc.info/?l=bugtraq&m=131188727830971&w=2

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 1, 2011
Vulnerability Reserved
Jun 6, 2011