Cross-Site Scripting Vulnerability in HP Business Availability Center
CVE-2012-0132

Currently unrated

Key Information:

Vendor: HP
Status: Business Availability Center
Vendor: CVE Published:; 5 April 2012

Summary

A cross-site scripting (XSS) vulnerability exists in HP Business Availability Center version 9.01, which allows remote attackers to inject arbitrary web scripts or HTML into the application via unspecified vectors. This type of vulnerability can compromise user sessions and manipulate web content, potentially leading to data theft or unauthorized actions performed on behalf of users.

References

http://secunia.com/advisories/48677

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/522204

vendor-advisoryx_refsource_HP

http://www.securityfocus.com/bid/52880

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 5, 2012
Vulnerability Reserved
Dec 13, 2011