Cross-Site Scripting in HPE OneView for VMware vCenter
CVE-2019-11992
6.1MEDIUM
Key Information:
- Vendor
HP
- Vendor
- CVE Published:
- 18 December 2019
What is CVE-2019-11992?
A security vulnerability exists in HPE OneView for VMware vCenter 9.5 that enables an attacker to exploit the system remotely through Cross-Site Scripting (XSS). This allows malicious actors to inject client-side scripts into web pages viewed by other users, which can lead to unauthorized actions or data theft if successfully executed. It is essential for users to implement the necessary security patches and updates to mitigate this risk.
Affected Version(s)
HPE OneView for VMware vCenter with Operations Manager and Log Insight 9.5