Cross-Site Scripting Vulnerability in HP Integrated Lights-Out 4
CVE-2013-4842

Currently unrated

Key Information:

Vendor: HP
Status: Integrated Lights-out Firmware; Integrated Lights-out 4
Vendor: CVE Published:; 18 November 2013

What is CVE-2013-4842?

The HP Integrated Lights-Out 4 (iLO4) contains a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML content. This issue affects firmware versions prior to 1.32 and can be exploited through unspecified vectors. Organizations using HP iLO4 are advised to update their firmware to the latest version to mitigate potential security risks associated with this vulnerability.

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 18, 2013