CVE-2022-28624
MEDIUMHPE FlexNetwork 5130 EI and FlexFabric 5945 Firmware - Cross-Site Scripting
Title source: llmDescription
A potential security vulnerability has been identified in certain HPE FlexNetwork and FlexFabric switch products. The vulnerability could be remotely exploited to allow cross site scripting (XSS). HPE has made the following software updates to resolve the vulnerability. HPE FlexNetwork 5130EL_7.10.R3507P02 and HPE FlexFabric 5945_7.10.R6635.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04265en_us
Scores
CVSS v3
4.8
EPSS
0.0046
EPSS Percentile
64.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (2)
hpe/flexfabric_5945_firmware
7.10.r6635
hpe/flexnetwork_5130_ei_firmware
7.10.r3507p02
Published
Jul 08, 2022
Tracked Since
Feb 18, 2026