Cross-Site Scripting Vulnerability in HP Palm webOS Contacts Application
CVE-2011-2408

Currently unrated

Key Information:

Vendor
HP
Status
Palm Webos
Vendor
CVE Published:
11 August 2011

Summary

The HP Palm webOS Contacts application is susceptible to a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML. This flaw can be exploited via unspecified vectors, potentially leading to unauthorized actions or data exposure within the application.

References

http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docD...
vendor-advisoryx_refsource_HP
http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docD...
vendor-advisoryx_refsource_HP
http://secunia.com/advisories/45543
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.