Cross-Site Scripting Vulnerability in HP Integrated Lights-Out 4
CVE-2013-4842

Currently unrated

Key Information:

Vendor
HP
Status
Integrated Lights-out Firmware
Integrated Lights-out 4
Vendor
CVE Published:
18 November 2013

Summary

The HP Integrated Lights-Out 4 (iLO4) contains a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML content. This issue affects firmware versions prior to 1.32 and can be exploited through unspecified vectors. Organizations using HP iLO4 are advised to update their firmware to the latest version to mitigate potential security risks associated with this vulnerability.

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...
vendor-advisoryx_refsource_HP
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...
vendor-advisoryx_refsource_HP

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.