CVE-2014-7896: XSS
First published: Tue Mar 03 2015(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before 7.6.1-06, and HP XP7 Global Link Manager Software (aka HGLM) 6.x through 8.x before 8.1.2-00, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: hp-security-alert@hp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP XP P9000 Device Manager | <=8.1.1 | |
| HP XP7 Replication Manager | <=7.6.1 | |
| HP XP7 Tiered Storage Manager | <=8.1.1 | |
| Hitachi Global Link Manager | <=8.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/hp
- canonical/hp xp p9000 device manager
- version/hp xp p9000 device manager/8.1.1
- canonical/hp xp7 replication manager
- version/hp xp7 replication manager/7.6.1
- canonical/hp xp7 tiered storage manager
- version/hp xp7 tiered storage manager/8.1.1
- canonical/hitachi global link manager
- version/hitachi global link manager/8.1.1