First published: Mon Jan 24 2011(Updated: )
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 7.x through 7.55 and 8.x through 8.05, and Business Service Management (BSM) through 9.01, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: hp-security-alert@hp.com
Affected Software | Affected Version | How to fix |
---|---|---|
HP Business Availability Center | =8.0 | |
HP Business Availability Center | =8.05 | |
HP Business Availability Center | =7.55 | |
HP Business Service Management | =9.01 | |
HP Business Availability Center | =7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2011-0274 is classified as a medium severity vulnerability due to its potential for remote exploitation through cross-site scripting.
To fix CVE-2011-0274, upgrade your HP Business Availability Center or Business Service Management to a version that is not affected by this vulnerability.
Organizations using HP Business Availability Center versions 7.x to 8.05 and HP Business Service Management version 9.01 are at risk of CVE-2011-0274.
CVE-2011-0274 can enable attackers to execute arbitrary scripts or HTML, potentially leading to session hijacking or data theft.
No, CVE-2011-0274 has been addressed in subsequent updates beyond the affected versions.