CVE-2013-2361: XSS
First published: Mon Jul 22 2013(Updated: )
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: hp-security-alert@hp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP System Management Homepage | <=7.2 | |
| HP System Management Homepage | =7.0 | |
| HP System Management Homepage | =7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-2361?
CVE-2013-2361 is classified as a moderate severity vulnerability due to its potential for injecting arbitrary web scripts or HTML.
How do I fix CVE-2013-2361?
To fix CVE-2013-2361, upgrade HP System Management Homepage to version 7.2.1 or later.
What impact does CVE-2013-2361 have on my system?
CVE-2013-2361 allows remote attackers to execute arbitrary scripts in the context of the affected webpage, potentially leading to data theft or session hijacking.
Which versions of HP System Management Homepage are affected by CVE-2013-2361?
CVE-2013-2361 affects HP System Management Homepage versions prior to 7.2.1, including versions 7.0 and 7.1.
Is there a workaround for CVE-2013-2361?
There are no specific workarounds for CVE-2013-2361 other than upgrading to a patched version.
- collector/nvd-index
- vendor/hp
- canonical/hp system management homepage
- version/hp system management homepage/7.2
- version/hp system management homepage/7.0
- version/hp system management homepage/7.1