HomePentest-Tools.com Logo

HP/HPE System Management Homepage (SMH) Insight Diagnostics Multiple XSS Vulnerabilities (HPSBMA02571) CVE-2010-3003

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

HP/HPE System Management Homepage (SMH) with Insight Diagnostics is prone to multiple cross-site scripting (XSS) vulnerabilities.

Risk description

The flaws are caused by input validation errors in the parameters.php, idstatusframe.php, survey.php, globals.php and custom.php pages, which allows attackers to execute arbitrary HTML and script code in a users browser session in the context of an affected site. Successful exploitation will allow attackers to inject arbitrary HTML code in the context of an affected site.

Recommendation

The vendor has released updates. Please see the referenced vendor advisory for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Sep 10, 2010
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available