Cross-Site Scripting Vulnerability in HP Service Manager
CVE-2013-6222

Currently unrated

Key Information:

Vendor: HP
Status: Service Manager
Vendor: CVE Published:; 23 August 2014

Summary

A cross-site scripting vulnerability exists in the Mobility Web Client and Service Request Catalog components of HP Service Manager. This flaw allows remote attackers to inject arbitrary web scripts or HTML into the application through unspecified vectors. Exploiting this vulnerability could allow malicious actors to execute unwanted scripts in the context of a user's browser, potentially leading to unauthorized actions or data exposure.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95447

vdb-entryx_refsource_XF

http://www.securitytracker.com/id/1030756

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/60028

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Aug 23, 2014
Vulnerability Reserved
Oct 21, 2013