ID de Prueba:	1.3.6.1.4.1.25623.1.0.800189
Categoría:	Web application abuses
Título:	HP/HPE System Management Homepage (SMH) Insight Diagnostics Multiple XSS Vulnerabilities (HPSBMA02571)
Resumen:	HP/HPE System Management Homepage (SMH) with Insight Diagnostics is; prone to multiple cross-site scripting (XSS) vulnerabilities.
Descripción:	Summary: HP/HPE System Management Homepage (SMH) with Insight Diagnostics is prone to multiple cross-site scripting (XSS) vulnerabilities. Vulnerability Insight: The flaws are caused by input validation errors in the 'parameters.php', 'idstatusframe.php', 'survey.php', 'globals.php' and 'custom.php' pages, which allows attackers to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Vulnerability Impact: Successful exploitation will allow attackers to inject arbitrary HTML code in the context of an affected site. Affected Software/OS: HP/HPE SMH Insight Diagnostics Online Edition before 8.5.0-11. Solution: The vendor has released updates. Please see the referenced vendor advisory for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3003 HPdes Security Advisory: HPSBMA02571 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02492472 HPdes Security Advisory: SSRT100034 http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-05 http://www.vupen.com/english/advisories/2010/2245
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.