HP : Security Vulnerabilities, CVEs, Published In 2016 (XSS)
HPE System Management Homepage before v7.6 allows "remote authenticated" attackers to obtain sensitive information via unspecified vectors, related to an "XSS" issue.
Max CVSS
5.4
EPSS Score
0.16%
Published
2016-10-28
Updated
2017-02-17
Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operations Manager 9.21.x before 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
5.4
EPSS Score
0.16%
Published
2016-09-08
Updated
2016-11-28
HPE Insight Control server deployment allows remote attackers to modify data via unspecified vectors.
Max CVSS
6.1
EPSS Score
0.14%
Published
2016-06-08
Updated
2016-08-24
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2010.
Max CVSS
5.4
EPSS Score
0.05%
Published
2016-05-07
Updated
2016-12-01
Cross-site scripting (XSS) vulnerability in HPE Network Node Manager i (NNMi) 9.20, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2011.
Max CVSS
5.4
EPSS Score
0.05%
Published
2016-05-07
Updated
2016-12-01
Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
5.4
EPSS Score
0.16%
Published
2016-01-05
Updated
2016-12-07
6 vulnerabilities found