CVE-2016-4406

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.5%
top 32.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
HP Integrated Lights-out 3 FirmwareHP Integrated Lights-out 4 Firmware
Timeline
PublishedAug 6
Latest updateMay 14

Description

A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-7w28-fr42-754c: A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v12022-05-14
CVEList
CVE-2016-4406: A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v12018-08-06
CVE-2016-4406 (MEDIUM CVSS 6.1) | A remote cross site scripting vulne | cvebase.io