Cross-Site Scripting Vulnerabilities in HP Network Node Manager i by HP
CVE-2011-5184

Currently unrated

Key Information:

Vendor: HP
Status: Network Node Manager I
Vendor: CVE Published:; 20 September 2012

Summary

HP Network Node Manager i version 9.10 contains multiple cross-site scripting vulnerabilities that can be exploited by remote attackers. By injecting arbitrary web scripts or HTML through specific parameters, attackers can manipulate web pages accessed by sensitive users. Notably, the vulnerabilities affect parameters such as 'node,' 'nodename,' and various other fields in configuration and polling scripts. This can lead to unauthorized actions, data compromise, and disrupted services, thereby posing a significant security risk to users relying on this network management tool.

References

http://osvdb.org/77396

vdb-entryx_refsource_OSVDB

http://0a29.blogspot.com/2011/11/0a29-11-1-cross-site-scr...

x_refsource_MISC

http://www.securityfocus.com/bid/50806

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Sep 20, 2012
Vulnerability Reserved
Sep 19, 2012