CVE-2017-8953

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

5.4MEDIUM

EPSS

0.3%

top 45.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Loadrunner HP Performance Center Hewlett Packard Enterprise Loadrunner AND Performance Center

Timeline

PublishedFeb 15

Latest updateMay 14

Description

A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages3 packages

▶CVEListV5hewlett_packard_enterprise/loadrunner_and_performance_centerv12.53 and earlier, v12.53 and earlier

▶NVDhp/performance_center12.53

▶NVDhp/loadrunner12.53

🔴Vulnerability Details

GHSA

GHSA-cf7w-59c6-q29w: A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12↗2022-05-14

▶

CVEList

CVE-2017-8953: A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12↗2018-02-15

▶