CVE-2019-11656 โ€” Cross-site Scripting in HP Arcsight Logger

CWE-79 โ€” Cross-site Scripting3 documents3 sources
Severity
5.4MEDIUMNVD
EPSS
0.2%
top 52.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
HP Arcsight Logger
Timeline
PublishedOct 4
Latest updateMay 24

Description

Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. This vulnerability could allow Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages1 packages

โ–ถNVDhp/arcsight_logger< 6.7.1+1

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-w92w-c9qq-339w: Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6โ†—2022-05-24
โ–ถ
CVEList
CVE-2019-11656: Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6โ†—2019-10-04
โ–ถ
CVE-2019-11656 โ€” Cross-site Scripting in HP | cvebase