Description
Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Richard Brain · textwebappsphp
https://www.exploit-db.com/exploits/35116
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_hp
http://marc.info/?l=bugtraq&m=129245189832672&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1024897
Scores
EPSS
0.0037
EPSS Percentile
58.5%
Details
CWE
CWE-79
Status
published
Products (40)
hp/insight_diagnostics
6.3.0.878
hp/insight_diagnostics
6.3.1.887
hp/insight_diagnostics
7.0.0.1198
hp/insight_diagnostics
7.0.1.1219
hp/insight_diagnostics
7.4.0.1570
hp/insight_diagnostics
7.5.0.1679
hp/insight_diagnostics
7.5.5.1681
hp/insight_diagnostics
7.6.0.1984
hp/insight_diagnostics
7.7.0.2112
hp/insight_diagnostics
7.8.0.2257
... and 30 more
Published
Dec 22, 2010
Tracked Since
Feb 18, 2026