CVE-2011-2402

HP Network Automation - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (7)

[Vendor Advisory] http://marc.info/?l=bugtraq&m=131188727830971&w=2

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/48922

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/68885

[Third Party Advisory, VDB Entry] http://osvdb.org/74133

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1025862

[Third Party Advisory] http://secunia.com/advisories/45454

[Third Party Advisory] http://securityreason.com/securityalert/8321

Scores

EPSS 0.0067

EPSS Percentile 71.1%

Classification

CWE

CWE-79

Status published

Affected Products (6)

hp/network_automation

n/a/n/a

Timeline

Published Aug 01, 2011

Tracked Since Feb 18, 2026