Cross-Site Scripting Vulnerability in HP Network Node Manager
CVE-2011-4156

Currently unrated

Key Information:

Vendor: HP
Status: Network Node Manager I
Vendor: CVE Published:; 16 November 2011

Summary

A cross-site scripting (XSS) vulnerability exists in HP Network Node Manager i (NNMi) versions 9.0x and 9.1x. This flaw permits remote attackers to inject arbitrary web scripts or HTML content through unspecified vectors, potentially allowing for the execution of malicious scripts in the context of the user’s session.

References

http://www.securityfocus.com/archive/1/520459

vendor-advisoryx_refsource_HP

http://securityreason.com/securityalert/8532

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/520459

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
Nov 16, 2011
Vulnerability Reserved
Oct 21, 2011