Cross-Site Scripting Vulnerability in HP Systems Insight Manager
CVE-2014-2644

Currently unrated

Key Information:

Vendor: HP
Status: Systems Insight Manager
Vendor: CVE Published:; 6 October 2014

Summary

An XSS vulnerability exists in HP Systems Insight Manager prior to version 7.4 that could allow remote attackers to inject arbitrary web scripts or HTML into web applications. This exploitation can lead to the execution of malicious scripts in the context of an authenticated user's session, making it critical for organizations using this software to adopt defensive measures against such web-based attacks.

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

http://www.securitytracker.com/id/1030970

vdb-entryx_refsource_SECTRACK

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
Oct 6, 2014
Vulnerability Reserved
Mar 24, 2014