CVE-2010-0452: XSS
First published: Mon Mar 29 2010(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in HP Project and Portfolio Management Center (PPMC, formerly Mercury IT Governance) 7.1 through SP10 and 7.5 through SP3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: hp-security-alert@hp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Micro Focus Project and Portfolio Management Center | <=7.1 | |
| Micro Focus Project and Portfolio Management Center | <=7.5 | |
| HPE HP-UX | =b.11.23 | |
| All of | ||
| Any of | ||
| Micro Focus Project and Portfolio Management Center | <=7.1 | |
| Micro Focus Project and Portfolio Management Center | <=7.5 | |
| HPE HP-UX | =b.11.23 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What are the XSS vulnerabilities associated with CVE-2010-0452?
CVE-2010-0452 identifies multiple cross-site scripting vulnerabilities in HP Project and Portfolio Management Center versions 7.1 through SP10 and 7.5 through SP3.
What is the impact of CVE-2010-0452?
The impact of CVE-2010-0452 allows remote attackers to inject arbitrary web script or HTML into the affected systems.
How can I identify if my system is affected by CVE-2010-0452?
To identify if your system is affected by CVE-2010-0452, check if you are running HP Project and Portfolio Management Center versions 7.1 through SP10 or 7.5 through SP3.
What measures can be taken to protect against CVE-2010-0452?
To protect against CVE-2010-0452, it's recommended to upgrade to a patched version or apply security updates provided by HP that address these vulnerabilities.
Who can exploit the vulnerabilities identified in CVE-2010-0452?
Anyone with remote access to the affected HP Project and Portfolio Management Center software can exploit the vulnerabilities identified in CVE-2010-0452.
- collector/nvd-historical
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/source
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/hp
- canonical/micro focus project and portfolio management center
- version/micro focus project and portfolio management center/7.1
- version/micro focus project and portfolio management center/7.5
- canonical/hpe hp-ux
- version/hpe hp-ux/b.11.23