Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow persistent cross-site scripting, and non-persistent HTML Injection.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 04:10
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 4.7 |
References | () http://www.securityfocus.com/bid/104131 - | |
References | () http://www.securitytracker.com/id/1040900 - | |
References | () https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158014 - |
07 Nov 2023, 02:59
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securitytracker.com/id/1040900 - | |
References | () https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158014 - | |
References | () http://www.securityfocus.com/bid/104131 - |
Information
Published : 2018-05-22 19:29
Updated : 2024-11-21 04:10
NVD link : CVE-2018-6492
Mitre link : CVE-2018-6492
CVE.ORG link : CVE-2018-6492
JSON object : View
Products Affected
hp
- network_operations_management_ultimate
- network_automation
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')