Cross-Site Scripting Vulnerability in HP Network Node Manager i
CVE-2016-4399
5.4MEDIUM
What is CVE-2016-4399?
A security vulnerability was discovered in HP Network Node Manager i (NNMi) Software that permits attackers to execute arbitrary scripts in the context of a user's session. This XSS flaw can potentially be leveraged to steal sensitive information, hijack user sessions, or redirect users to malicious sites. Users of affected versions need to apply available patches to mitigate these risks.
Affected Version(s)
HP Network Node Manager (NNMi) 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10