← Back

CVE-2010-4111

nvd nist
Published: Dec 22, 2010Modified: Apr 29, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected (41)

Hp
1 product
Insight Diagnostics
Configuration A
21 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Hp
Insight Diagnostics
Up to 8.5.0.3625
Insight Diagnostics
Version 6.3.0.878
Insight Diagnostics
Version 6.3.1.887
Insight Diagnostics
Version 7.0.0.1198
Insight Diagnostics
Version 7.0.1.1219
Insight Diagnostics
Version 7.4.0.1570
Insight Diagnostics
Version 7.5.0.1679
Insight Diagnostics
Version 7.5.5.1681
Insight Diagnostics
Version 7.6.0.1984
Insight Diagnostics
Version 7.7.0.2112
Insight Diagnostics
Version 7.8.0.2257
Insight Diagnostics
Version 7.9.0.2359
Insight Diagnostics
Version 7.9.1.2401
Insight Diagnostics
Version 8.0.0.2587
Insight Diagnostics
Version 8.1.0.2718
Insight Diagnostics
Version 8.1.1.2784
Insight Diagnostics
Version 8.1.5.2890
Insight Diagnostics
Version 8.2.0.3058
Insight Diagnostics
Version 8.2.5.3157
Insight Diagnostics
Version 8.3.0.3320
Insight Diagnostics
Version 8.4.0.3521
Running on/withPlatform Versions
Microsoft
Windows
All versions
Configuration B
20 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Hp
Insight Diagnostics
Up to 8.5.0-11
Insight Diagnostics
Version 6.3.0-15
Insight Diagnostics
Version 6.3.1-1
Insight Diagnostics
Version 7.0.0-30
Insight Diagnostics
Version 7.0.1-8
Insight Diagnostics
Version 7.4.0-11
Insight Diagnostics
Version 7.5.0-14
Insight Diagnostics
Version 7.5.5-1
Insight Diagnostics
Version 7.6.0-23
Insight Diagnostics
Version 7.7.0-142
Insight Diagnostics
Version 7.8.0-159
Insight Diagnostics
Version 7.9.0-105
Insight Diagnostics
Version 7.9.1-15
Insight Diagnostics
Version 8.0.0-210
Insight Diagnostics
Version 8.1.0-136
Insight Diagnostics
Version 8.1.1-206
Insight Diagnostics
Version 8.1.5-311
Insight Diagnostics
Version 8.3.0-14
Insight Diagnostics
Version 8.3.1-105
Insight Diagnostics
Version 8.4.0-18
Running on/withPlatform Versions
Linux
Linux Kernel
All versions

Related CWEs

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (4)

Source: hp-security-alert@hp.com
Vendor Advisory
Source: hp-security-alert@hp.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.