CVE-2013-6198Cross-site Scripting in HP Service Manager

CWE-79Cross-site Scripting3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.7%
top 27.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
HP Service ManagerHP Service Manager WEB ClientHP Service Manager WEB Tier
Timeline
PublishedDec 29
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

NVDhp/service_manager_web_tier9.20, 9.21+1
NVDhp/service_manager9.20, 9.21+1

🔴Vulnerability Details

2
GHSA
GHSA-h8g8-f8qf-7h4h: Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier and Windows Client 92022-05-17
CVEList
CVE-2013-6198: Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier and Windows Client 92013-12-29
CVE-2013-6198 — Cross-site Scripting in HP | cvebase