CVE Reference: CVE-2011-5184

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2011-5184

Description:
Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/configurationpoll.jsp, (3) nnm/protected/ping.jsp, (4) nnm/protected/statuspoll.jsp, or (5) nnm/protected/traceroute.jsp; or (6) field parameter to nmm/validate. NOTE: this might be a duplicate of CVE-2011-4155 or CVE-2011-4156.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/71528
  http://xforce.iss.net/xforce/xfdb/71527

SAID
  Secunia Advisory: SA46941

OSVDB
  77396
  77397
  77398
  77399
  77400
  77401

MISC
  http://0a29.blogspot.com/2011/11/0a29-11-1-cross-site-scripting.html

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/520653/100/0/threaded

BID
  50806


Return to the previous page.