Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.103116
Category:Web application abuses
Title:HP Power Manager Unspecified Cross Site Scripting Vulnerability
Summary:The HP Power Manager is prone to an unspecified cross-site scripting;vulnerability because it fails to properly sanitize user-supplied input.;;An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the;context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch;other attacks.
Description:Summary:
The HP Power Manager is prone to an unspecified cross-site scripting
vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the
context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch
other attacks.

Solution:
Vendor updates are available. Please see the references for more details.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-Ref: BugTraq ID: 46830
Common Vulnerability Exposure (CVE) ID: CVE-2011-0280
http://www.securityfocus.com/bid/46830
HPdes Security Advisory: HPSBMA02629
http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html
HPdes Security Advisory: SSRT100381
http://secunia.com/advisories/43058
XForce ISS Database: powermanager-unspecified-xss(66035)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66035
CopyrightThis script is Copyright (C) 2011 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.