XSS in Hp Network_node_manager_i
CVE-2011-5184
Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/conf…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.028 (86.5th percentile) — read the EPSS interpretation.
Affected products
- Hp Network_node_manager_i — versions 9.10
- N/a — versions n/a
Weakness classification (CWE)
Public proof-of-concept exploits
References
- 77396 (x_refsource_OSVDB, Exploit, vdb-entry)
- cve@mitre.org (Exploit, x_refsource_MISC)
- 50806 (Exploit, vdb-entry, x_refsource_BID)
- 77399 (x_refsource_OSVDB, Exploit, vdb-entry)
- 77397 (x_refsource_OSVDB, Exploit, vdb-entry)
- 77401 (x_refsource_OSVDB, vdb-entry)
- nnmi-node-xss(71527) (vdb-entry, x_refsource_XF)
- 46941 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- 20111123 0A29-11-1 : Cross-Site Scripting vulnerabilities in HP Network Node Manager i 9.10 (mailing-list, x_refsource_BUGTRAQ)
- nnmi-field-xss(71528) (vdb-entry, x_refsource_XF)
Frequently asked questions
- What is CVE-2011-5184?
- CVE-2011-5184 is a vulnerability in Hp Network_node_manager_i, classified under Cross-site Scripting. Published 2012-09-20.
- Is CVE-2011-5184 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.