Cross-Site Scripting Vulnerabilities in HP XP P9000 Command View Software
CVE-2014-7896

Currently unrated

Key Information:

Vendor: HP
Status: Xp7 Global Link Manager Software; Xp P9000 Replication Manager; Xp P9000 Device Manager; Xp P9000 Tiered Storage Manager
Vendor: CVE Published:; 3 March 2015

Summary

Multiple cross-site scripting (XSS) vulnerabilities exist in HP XP P9000 Command View Advanced Edition Software Online Help. These vulnerabilities affect several versions of HP Device Manager, HP XP P9000 Tiered Storage Manager, HP XP P9000 Replication Manager, and HP XP7 Global Link Manager Software. Remote attackers can exploit these flaws to inject arbitrary web scripts or HTML via unspecified vectors, potentially compromising the security of the systems using these applications.

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/doc...

vendor-advisoryx_refsource_HP

http://www.securitytracker.com/id/1031828

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Mar 3, 2015
Vulnerability Reserved
Oct 6, 2014