HP Power Manager Unspecified Cross Site Scripting Vulnerability Network Vulnerability

Summary

The HP Power Manager is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user- supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

Solution

Vendor updates are available. Please see the references for more details.

References

http://www.hp.com
https://www.securityfocus.com/bid/46830

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-0280

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Tomcat Multiple Vulnerabilities-01 (Nov14)
Apple Safari Webkit Multiple Vulnerabilities - June13 (Mac OS X)
Apple Safari 'Webkit' Multiple Vulnerabilities-01 Mar14 (Mac OS X)
Adobe Reader Information Disclosure Vulnerability Jun05 (Mac OS X)
Adobe Digital Edition Information Disclosure Vulnerability (Mac OS X)

Take action and discover your vulnerabilities