CVE-2013-4815
HP ArcSight Enterprise Security Manager < 5.5 - Cross-Site Scripting
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the web interface in HP ArcSight Enterprise Security Manager (ESM) before 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_hp
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03901176
Scores
EPSS
0.0026
EPSS Percentile
49.7%
Details
CWE
CWE-79
Status
published
Products (1)
microfocus/arcsight_enterprise_security_manager
< 5.2
Published
Sep 20, 2013
Tracked Since
Feb 18, 2026