CVE-2010-3003

HP Insight Diagnostics Online Edition <8.5.0-11 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Exploits (5)

exploitdb WORKING POC VERIFIED

by Mr Teatime · textwebappsphp

https://www.exploit-db.com/exploits/34545

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Mr Teatime · textwebappsphp

https://www.exploit-db.com/exploits/34546

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Mr Teatime · textwebappsphp

https://www.exploit-db.com/exploits/34547

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Mr Teatime · textwebappsphp

https://www.exploit-db.com/exploits/34544

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Mr Teatime · textwebappsphp

https://www.exploit-db.com/exploits/34543

View Code ZIP pw:eip

References (3)

[Vendor Advisory] http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02492472

[Various Sources] http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-05

[Vendor Advisory] http://www.vupen.com/english/advisories/2010/2245

Scores

EPSS 0.0035

EPSS Percentile 57.0%

Classification

CWE

CWE-79

Status published

Affected Products (14)

hp/insight_diagnostics < 8.4

hp/insight_diagnostics

hp/insight_diagnostics

hp/insight_diagnostics

hp/insight_diagnostics

hp/insight_diagnostics

hp/insight_diagnostics

hp/insight_diagnostics

hp/insight_diagnostics

hp/insight_diagnostics

hp/insight_diagnostics

hp/insight_diagnostics

hp/insight_diagnostics

n/a/n/a

Timeline

Published Sep 10, 2010

Tracked Since Feb 18, 2026