CVE-2018-7075

Published: Aug 6, 2018Modified: Nov 21, 2024

6.1

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.7

Source: NVD

Description

A remote cross-site scripting (XSS) vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT version v7.3 (E0506). The vulnerability is fixed in Intelligent Management Center PLAT 7.3 E0605P04 or subsequent version.

Affected (1)

Products: Hp: Intelligent Management Center

1 product

Intelligent Management Center

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hp Intelligent Management Center	Version 7.3 e0506

Related CWEs

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (2)

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03863en_us

Source: security-alert@hpe.com

Vendor Advisory

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03863en_us

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.