CVE-2010-3985
HP Operations Orchestration < 9.0 - Cross-Site Scripting via Internet Explorer 6.0
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/44331
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/41983
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/62727
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2760
Vendor Advisory vendor-advisory
x_refsource_hp
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02541822
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/68906
Scores
EPSS
0.0075
EPSS Percentile
73.4%
Details
CWE
CWE-79
Status
published
Products (3)
hp/operations_orchestration
7.1
hp/operations_orchestration
7.2
hp/operations_orchestration
< 7.5
Published
Oct 26, 2010
Tracked Since
Feb 18, 2026