Cross-site Scripting Vulnerability in HP System Management Homepage
CVE-2014-2640

Currently unrated

Key Information:

Vendor: HP
Status: System Management Homepage
Vendor: CVE Published:; 2 October 2014

What is CVE-2014-2640?

A Cross-site Scripting (XSS) vulnerability exists in the HP System Management Homepage prior to version 7.4. This security flaw enables remote attackers to inject arbitrary web scripts or HTML into the web interface through unspecified vectors, potentially leading to unauthorized actions and data exposure. The impact of this vulnerability underscores the need for robust web application security measures.

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

http://www.securitytracker.com/id/1030960

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Oct 2, 2014
Vulnerability Reserved
Mar 24, 2014