Cross-Site Scripting Vulnerability in HP Insight Management Agents for Windows Server
CVE-2012-2005

Currently unrated

Key Information:

Vendor: HP
Status: Insight Management Agents
Vendor: CVE Published:; 2 May 2012

Summary

This vulnerability allows remote attackers to execute arbitrary JavaScript or HTML in the context of the affected application on HP Insight Management Agents running on Windows Server 2003 and 2008. By exploiting unspecified vectors, an attacker can manipulate web content and potentially hijack sessions, steal cookies, or redirect users to malicious sites, compromising security and user privacy.

References

http://www.securityfocus.com/bid/53341

vdb-entryx_refsource_BID

http://secunia.com/advisories/49054

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/522548

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
May 2, 2012
Vulnerability Reserved
Apr 2, 2012