Description
Cross-site scripting (XSS) vulnerability in Compaq Insight Management Agents 2.0, 2.1, 3.6.0, 4.2 and 4.3.7 allows remote attackers to inject arbitrary web script or HTML via a URL, which inserts the script into the resulting error message.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Taylor Huff · textremotehardware
https://www.exploit-db.com/exploits/21827
References (5)
Core 5
Core References
Various Sources x_refsource_misc
http://www.securiteam.com/windowsntfocus/6G00K0A5SM.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://online.securityfocus.com/archive/1/294020
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://online.securityfocus.com/archive/1/294160
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5780
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/293715
Scores
EPSS
0.0041
EPSS Percentile
61.8%
Details
CWE
CWE-79
Status
published
Products (6)
compaq/insight_management_agent
2.0
compaq/insight_management_agent
2.1
compaq/insight_management_agent
2.1_b
compaq/insight_management_agent
3.6.0
compaq/insight_management_agent
4.2
compaq/insight_management_agent
4.37
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026