XSS in Hp Power_manager
CVE-2011-0280
Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter t…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.007 (71.9th percentile) — read the EPSS interpretation.
Affected products
- Hp Power_manager — versions 4.2.5, 4.2.6, 4.2.7
- N/a — versions n/a
Weakness classification (CWE)
References
- powermanager-unspecified-xss(66035) (vdb-entry, x_refsource_XF)
- 46830 (vdb-entry, x_refsource_BID)
- 43058 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- HPSBMA02629 (x_refsource_HP, vendor-advisory)