CVE-2014-7896

Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before 7.6.1-06, and HP XP7 Global Link Manager Software (aka HGLM) 6.x through 8.x before 8.1.2-00, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hp:xp_p9000_device_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:hp:xp_p9000_replication_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:hp:xp_p9000_tiered_storage_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:hp:xp7_global_link_manager_software:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:18

Type Values Removed Values Added
References () http://www.securitytracker.com/id/1031828 - () http://www.securitytracker.com/id/1031828 -
References () https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582371 - () https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04582371 -

Information

Published : 2015-03-03 11:59

Updated : 2024-11-21 02:18


NVD link : CVE-2014-7896

Mitre link : CVE-2014-7896

CVE.ORG link : CVE-2014-7896


JSON object : View

Products Affected

hp

  • xp_p9000_device_manager
  • xp_p9000_tiered_storage_manager
  • xp7_global_link_manager_software
  • xp_p9000_replication_manager
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')