CVE-2012-2022

CWE-79Cross-site Scripting (XSS)CWE-94Code Injection18 documents11 sources
Severity
4.3MEDIUM
EPSS
1.2%
top 21.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
HP Network Node Manager I
Timeline
PublishedAug 7
Latest updateMay 14

Description

Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 8.x, 9.0x, 9.1x, and 9.20 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDhp/network_node_manager_i12 versions+11

🔴Vulnerability Details

2
GHSA
GHSA-rpv7-pxwh-9c3x: Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 82022-05-13
CVEList
CVE-2012-2022: Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i (NNMi) 82012-08-07

📋Vendor Advisories

6
CISA
Oracle Java SE Sandbox Bypass Vulnerability2022-03-28
CISA
Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability2022-03-03
CISA
Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability2022-03-03
CISA
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability2022-03-03
CISA
Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability2021-11-03

🕵️Threat Intelligence

1
Bleepingcomputer
Microsoft fixes Linux boot issues on dual-boot Windows systems2025-05-14

💬Community

1
Bugzilla
CVE-2012-0477 Mozilla: Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues (MFSA 2012-29)2012-04-22
CVE-2012-2022 (MEDIUM CVSS 4.3) | Multiple cross-site scripting (XSS) | cvebase.io