4.3
CVE-2010-4111
- EPSS 0.48%
- Veröffentlicht 22.12.2010 21:00:18
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle hp-security-alert@hp.com
- Teams Watchlist Login
- Unerledigt Login
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hp ≫ Insight Diagnostics Editiononline Version <= 8.5.0.3625
Hp ≫ Insight Diagnostics Version6.3.0.878 Editiononline
Hp ≫ Insight Diagnostics Version6.3.1.887 Editiononline
Hp ≫ Insight Diagnostics Version7.0.0.1198 Editiononline
Hp ≫ Insight Diagnostics Version7.0.1.1219 Editiononline
Hp ≫ Insight Diagnostics Version7.4.0.1570 Editiononline
Hp ≫ Insight Diagnostics Version7.5.0.1679 Editiononline
Hp ≫ Insight Diagnostics Version7.5.5.1681 Editiononline
Hp ≫ Insight Diagnostics Version7.6.0.1984 Editiononline
Hp ≫ Insight Diagnostics Version7.7.0.2112 Editiononline
Hp ≫ Insight Diagnostics Version7.8.0.2257 Editiononline
Hp ≫ Insight Diagnostics Version7.9.0.2359 Editiononline
Hp ≫ Insight Diagnostics Version7.9.1.2401 Editiononline
Hp ≫ Insight Diagnostics Version8.0.0.2587 Editiononline
Hp ≫ Insight Diagnostics Version8.1.0.2718 Editiononline
Hp ≫ Insight Diagnostics Version8.1.1.2784 Editiononline
Hp ≫ Insight Diagnostics Version8.1.5.2890 Editiononline
Hp ≫ Insight Diagnostics Version8.2.0.3058 Editiononline
Hp ≫ Insight Diagnostics Version8.2.5.3157 Editiononline
Hp ≫ Insight Diagnostics Version8.3.0.3320 Editiononline
Hp ≫ Insight Diagnostics Version8.4.0.3521 Editiononline
Hp ≫ Insight Diagnostics Editiononline Version <= 8.5.0-11
Hp ≫ Insight Diagnostics Version6.3.0-15 Editiononline
Hp ≫ Insight Diagnostics Version6.3.1-1 Editiononline
Hp ≫ Insight Diagnostics Version7.0.0-30 Editiononline
Hp ≫ Insight Diagnostics Version7.0.1-8 Editiononline
Hp ≫ Insight Diagnostics Version7.4.0-11 Editiononline
Hp ≫ Insight Diagnostics Version7.5.0-14 Editiononline
Hp ≫ Insight Diagnostics Version7.5.5-1 Editiononline
Hp ≫ Insight Diagnostics Version7.6.0-23 Editiononline
Hp ≫ Insight Diagnostics Version7.7.0-142 Editiononline
Hp ≫ Insight Diagnostics Version7.8.0-159 Editiononline
Hp ≫ Insight Diagnostics Version7.9.0-105 Editiononline
Hp ≫ Insight Diagnostics Version7.9.1-15 Editiononline
Hp ≫ Insight Diagnostics Version8.0.0-210 Editiononline
Hp ≫ Insight Diagnostics Version8.1.0-136 Editiononline
Hp ≫ Insight Diagnostics Version8.1.1-206 Editiononline
Hp ≫ Insight Diagnostics Version8.1.5-311 Editiononline
Hp ≫ Insight Diagnostics Version8.3.0-14 Editiononline
Hp ≫ Insight Diagnostics Version8.3.1-105 Editiononline
Hp ≫ Insight Diagnostics Version8.4.0-18 Editiononline
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.48% | 0.638 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.