Cross-Site Scripting Vulnerabilities in HP AssetManager
CVE-2012-2021

Currently unrated

Key Information:

Vendor: HP
Status: Assetmanager
Vendor: CVE Published:; 16 July 2012

What is CVE-2012-2021?

Multiple cross-site scripting (XSS) vulnerabilities exist in HP AssetManager, specifically in versions 5.20, 5.21, 5.22, and 9.30. These vulnerabilities allow remote authenticated users to inject arbitrary web scripts or HTML through unspecified vectors, posing a significant risk to web application integrity and user data.

References

http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docD...

vendor-advisoryx_refsource_HP

http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docD...

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 16, 2012
Vulnerability Reserved
Apr 2, 2012