Cross-site Scripting in HP OpenView Performance Insight by HP
CVE-2011-2406

Currently unrated

Key Information:

Vendor: HP
Status: Openview Performance Insight
Vendor: CVE Published:; 11 August 2011

What is CVE-2011-2406?

A cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight compromises the application's security. This issue enables remote authenticated users to inject arbitrary web scripts or HTML into the system through unspecified methods. Exploitations of such vulnerabilities could lead to unauthorized actions, data exposure, or other malicious activities affecting the performance insight integrity.

References

http://securityreason.com/securityalert/8333

third-party-advisoryx_refsource_SREASON

http://marc.info/?l=bugtraq&m=131292748121409&w=2

vendor-advisoryx_refsource_HP

http://marc.info/?l=bugtraq&m=131292748121409&w=2

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 11, 2011
Vulnerability Reserved
Jun 6, 2011