XSS in Hp Sitescope

CVE-2011-1727

Cross-site scripting (XSS) vulnerability in HP SiteScope 9.54, 10.13, 11.01, and 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an "HTML injection" issue.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.011 (78.1th percentile) — read the EPSS interpretation.

Affected products

Hp Sitescope — versions 9.54, 10.13, 11.01
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

8235 (x_refsource_SREASON, third-party-advisory)
1025436 (vdb-entry, x_refsource_SECTRACK)
44354 (x_refsource_SECUNIA, third-party-advisory)
HPSBMA02667 (Vendor Advisory, x_refsource_HP, vendor-advisory)
hp-sitescope-unspec-xss(67020) (vdb-entry, x_refsource_XF)
ADV-2011-1091 (vdb-entry, x_refsource_VUPEN)
72061 (x_refsource_OSVDB, vdb-entry)
44322 (x_refsource_SECUNIA, third-party-advisory)
47554 (vdb-entry, x_refsource_BID)