HPE.System.Management.Homepage.XSS
Description
This indicates an attack attempt against a Cross-Site Scripting (XSS) vulnerability in HP System Management Homepage.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a crafted HTTP request. A remote attacker can exploit this to execute arbitrary script code within the context of the user's browser.
Affected Products
HP System Management Homepage before v7.6.1
Impact
System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |