CVE-2011-1862

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

4.3MEDIUM

EPSS

0.8%

top 26.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Service Center HP Service Manager

Timeline

PublishedJun 14

Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in HP Service Manager 7.02, 7.11, 9.20, and 9.21 and Service Center 6.2.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDhp/service_center6.2.8

▶NVDhp/service_manager4 versions+3

🔴Vulnerability Details

GHSA

GHSA-5hv9-93p8-hw48: Cross-site scripting (XSS) vulnerability in HP Service Manager 7↗2022-05-17

▶

CVEList

CVE-2011-1862: Cross-site scripting (XSS) vulnerability in HP Service Manager 7↗2011-06-14

▶