Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-4411

Опубликовано: 13 окт. 2008
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*
Версия до 2.1.12-200 (включая)
cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.0-103:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.0-103\(a\):*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.0-109:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.0-118:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.2-127:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.3.132:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.4-143:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.5:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.5-146:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.6:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.6-156:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.7:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.7-168:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.8:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.8-177:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.9:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.9-178:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.10:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.10-186:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.11:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.11-197:*:*:*:*:*:*:*
cpe:2.3:a:hp:system_management_homepage:2.1.12-118:*:*:*:*:*:*:*

EPSS

Процентиль: 62%
0.00434
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

github логотип

GHSA-7g5q-fwvw-j3vm

github
почти 4 года назад

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663.

EPSS

Процентиль: 62%
0.00434
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79