Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-3485

Summary
Assigner-microfocus
Assigner Org ID-f81092c5-7f14-476d-80dc-24857f90be84
Published At-24 Jul, 2019 | 15:30
Updated At-17 Sep, 2024 | 02:06
Rejected At-
Credits

ArcSight Logger stored cross site script issue in version prior to 6.7.1

Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:microfocus
Assigner Org ID:f81092c5-7f14-476d-80dc-24857f90be84
Published At:24 Jul, 2019 | 15:30
Updated At:17 Sep, 2024 | 02:06
Rejected At:
â–¼CVE Numbering Authority (CNA)
ArcSight Logger stored cross site script issue in version prior to 6.7.1

Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1

Affected Products
Vendor
Micro Focus International LimitedMicro Focus
Product
ArcSight Logger
Versions
Affected
  • From ArcSight Logger before 6.7.1 (custom)
Problem Types
TypeCWE IDDescription
textN/Astored cross site script
Type: text
CWE ID: N/A
Description: stored cross site script
Metrics
VersionBase scoreBase severityVector
3.04.6MEDIUM
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Version: 3.0
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Upgrade to ArcSight Logger to a version > 6.7.0

Configurations
Workarounds
Exploits
Credits
Special thanks to ING Tech Poland for responsibly disclosing this vulnerability.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/109363
vdb-entry
x_refsource_BID
https://community.microfocus.com/t5/Logger/Logger-Release-Notes-6-71/ta-p/1790256?attachment-id=75011
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/109363
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://community.microfocus.com/t5/Logger/Logger-Release-Notes-6-71/ta-p/1790256?attachment-id=75011
Resource:
x_refsource_CONFIRM
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/109363
vdb-entry
x_refsource_BID
x_transferred
https://community.microfocus.com/t5/Logger/Logger-Release-Notes-6-71/ta-p/1790256?attachment-id=75011
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/109363
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://community.microfocus.com/t5/Logger/Logger-Release-Notes-6-71/ta-p/1790256?attachment-id=75011
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@opentext.com
Published At:24 Jul, 2019 | 16:15
Updated At:07 Nov, 2023 | 03:09

Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.06.1MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Secondary3.04.6MEDIUM
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Type: Primary
Version: 3.0
Base score: 6.1
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Type: Secondary
Version: 3.0
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N
CPE Matches
HP Inc.
hp
>>arcsight_logger>>Versions before 6.7.1(exclusive)
cpe:2.3:a:hp:arcsight_logger:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-79Primarynvd@nist.gov
CWE ID: CWE-79
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/109363security@opentext.com
N/A
https://community.microfocus.com/t5/Logger/Logger-Release-Notes-6-71/ta-p/1790256?attachment-id=75011security@opentext.com
N/A
Hyperlink: http://www.securityfocus.com/bid/109363
Source: security@opentext.com
Resource: N/A
Hyperlink: https://community.microfocus.com/t5/Logger/Logger-Release-Notes-6-71/ta-p/1790256?attachment-id=75011
Source: security@opentext.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

12410Records found
CVE-2010-1557
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.46% / 70.25%
||
7 Day CHG~0.00%
Published-14 May, 2010 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple cross-site scripting (XSS) vulnerabilities in HP Insight Control Server Migration before 6.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-insight_control_server_migration_for_windowsn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2010-1036
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.87% / 85.00%
||
7 Day CHG~0.00%
Published-28 Apr, 2010 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-systems_insight_managern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2010-0449
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.71% / 74.38%
||
7 Day CHG+0.01%
Published-31 Mar, 2010 | 17:35
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-soa_registry_foundationn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2010-0452
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.88% / 85.02%
||
7 Day CHG~0.00%
Published-29 Mar, 2010 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple cross-site scripting (XSS) vulnerabilities in HP Project and Portfolio Management Center (PPMC, formerly Mercury IT Governance) 7.1 through SP10 and 7.5 through SP3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-project_and_portfolio_management_centerhp-uxn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2009-4185
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-3.00% / 85.64%
||
7 Day CHG+0.02%
Published-05 Feb, 2010 | 22:13
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.

Action-Not Available
Vendor-n/aHP Inc.
Product-system_management_homepagen/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2009-2684
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.21% / 80.31%
||
7 Day CHG~0.00%
Published-13 Oct, 2009 | 10:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple cross-site scripting (XSS) vulnerabilities in Jetdirect and the Embedded Web Server (EWS) on certain HP LaserJet and Color LaserJet printers, and HP Digital Senders, allow remote attackers to inject arbitrary web script or HTML via the (1) Product_URL or (2) Tech_URL parameter in an Apply action to the support_param.html/config script.

Action-Not Available
Vendor-n/aHP Inc.
Product-laserjet_4250ncolor_laserjet_cm4730_mfpcolor_laserjet_cp3505ds_9200ccolor_laserjet_cp6015laserjet_4240color_laserjet_cp4005nlaserjet_m3027_mfplaserjet_9040_mfplaserjet_p4014laserjet_4350ncolor_laserjet_3800nlaserjet_m3035_mfpcolor_laserjet_4730_mfplaserjet_9050_mfplaserjet_2430ncm8050_mfplaserjet_m9040_mpflaserjet_2410laserjet_9040nlaserjet_m5025_mfplaserjet_p3005ncolor_laserjet_6040_mfpcm8060_mfplaserjet_5200nlaserjet_p4515color_laserjet_3600ncolor_laserjet_3000nlaserjet_2420color_laserjet_4700nlaserjet_m9050_mpflaserjet_9050nds_9250claserjet_4345_mfplaserjet_m4345x_mfpn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2009-1333
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.62% / 72.96%
||
7 Day CHG~0.00%
Published-17 Apr, 2009 | 14:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in refresh_rate.htm in the web interface on the HP Deskjet 6840 printer with firmware XF1M131A allows remote attackers to inject arbitrary web script or HTML via the POST request body.

Action-Not Available
Vendor-n/aHP Inc.
Product-deskjet_6840n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2009-0204
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-3.01% / 85.68%
||
7 Day CHG~0.00%
Published-30 Jan, 2009 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Select Access 6.1 and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-select_accessn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-11860
Matching Score-10
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-10
Assigner-OpenText (formerly Micro Focus)
CVSS Score-6.1||MEDIUM
EPSS-0.63% / 45.65%
||
7 Day CHG~0.00%
Published-17 Nov, 2020 | 00:54
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)

Action-Not Available
Vendor-Micro Focus International Limited
Product-arcsight_loggerArcSight Logger
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2008-1663
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.78% / 84.51%
||
7 Day CHG~0.00%
Published-09 Jul, 2008 | 00:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-system_management_homepagen/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-26325
Matching Score-10
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-10
Assigner-OpenText (formerly Micro Focus)
CVSS Score-2.9||LOW
EPSS-0.33% / 24.37%
||
7 Day CHG~0.00%
Published-02 May, 2022 | 18:41
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cross Site Scripting vulnerability in NetIQ Access Manager versions prior to version 5.0.2

Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.2

Action-Not Available
Vendor-Micro Focus International Limited
Product-netiq_access_managerNetIQ Access Manager
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2016-4363
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.1||MEDIUM
EPSS-1.80% / 75.61%
||
7 Day CHG~0.00%
Published-08 Jun, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Insight Control server deployment allows remote attackers to modify data via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-insight_control_server_deploymentn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2007-6343
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.42% / 82.06%
||
7 Day CHG~0.00%
Published-13 Dec, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2007-5302
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.89% / 85.09%
||
7 Day CHG~0.00%
Published-09 Oct, 2007 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2007-4350
Matching Score-10
Assigner-Flexera Software LLC
ShareView Details
Matching Score-10
Assigner-Flexera Software LLC
CVSS Score-4.3||MEDIUM
EPSS-1.64% / 73.27%
||
7 Day CHG~0.00%
Published-21 Oct, 2008 | 16:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 allows remote attackers to inject arbitrary web script or HTML via an SNMP trap message.

Action-Not Available
Vendor-n/aHP Inc.
Product-sitescopen/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-23706
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.1||MEDIUM
EPSS-0.66% / 46.86%
||
7 Day CHG~0.00%
Published-17 May, 2022 | 20:01
Updated-03 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 7.0. HPE has provided a software update to resolve this vulnerability in HPE OneView.

Action-Not Available
Vendor-n/aHP Inc.
Product-oneviewHPE OneView
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-23697
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.1||MEDIUM
EPSS-0.70% / 48.21%
||
7 Day CHG+0.02%
Published-04 Apr, 2022 | 19:45
Updated-03 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote cross-site scripting (xss) vulnerability was discovered in HPE OneView version(s): Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView.

Action-Not Available
Vendor-n/aHP Inc.
Product-oneviewHPE OneView
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-22477
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.50% / 38.58%
||
7 Day CHG+0.03%
Published-14 Jul, 2022 | 16:25
Updated-16 Sep, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 225605.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarislinux_kernelwebsphere_application_serverihp-uxwindowsz\/osaixWebSphere Application Server
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-3486
Matching Score-10
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-10
Assigner-OpenText (formerly Micro Focus)
CVSS Score-4.6||MEDIUM
EPSS-0.97% / 57.11%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 14:30
Updated-16 Sep, 2024 | 22:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ArcSight Security Management Center stored cross site script issue in version prior to 2.9.1

Mitigates a stored cross site scripting issue in ArcSight Security Management Center versions prior to 2.9.1

Action-Not Available
Vendor-Micro Focus International LimitedHP Inc.
Product-arcsight_management_centerArcsight Security Management Center
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-18914
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.65% / 46.27%
||
7 Day CHG~0.00%
Published-09 Nov, 2021 | 14:10
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified for certain HP printers and MFPs that would allow redirection page Cross-Site Scripting in a client’s browser by clicking on a third-party malicious link.

Action-Not Available
Vendor-n/aHP Inc.
Product-laserjet_enterprise_m605_l3u54alaserjet_managed_flow_mfp_e82540_x3a82alaserjet_enterprise_flow_mfp_m680_cz248alaserjet_managed_mfp_e52645_1pv64alaserjet_enterprise_mfp_m776_t3u55alaserjet_managed_mfp_m630_b3g85apagewide_managed_flow_mfp_e77660z_j7z07alaserjet_managed_flow_mfp_e77825_z8z0alaserjet_managed_mfp_e72530_z8z09alaserjet_enterprise_m552_b5l23alaserjet_managed_mfp_e87640_x3a86alaserjet_managed_mfp_e82540_z8z22alaserjet_enterprise_flow_mfp_m880z_a2w75alaserjet_managed_mfp_e62555_j8j74alaserjet_managed_mfp_e77428_5cm77alaserjet_managed_e60075_m0p33alaserjet_managed_flow_mfp_e72525_z8z08alaserjet_managed_flow_mfp_m575_l3u45alaserjet_enterprise_mfp_m577_b5l48alaserjet_managed_flow_mfp_e82560_x3a74alaserjet_managed_flow_mfp_e67560_l3u70alaserjet_managed_flow_mfp_e57540_3gy25alaserjet_enterprise_m609_k0q22alaserjet_managed_mfp_e77428_5cm79alaserjet_managed_flow_mfp_m630_p7z47alaserjet_managed_flow_mfp_e72525_x3a62alaserjet_managed_flow_mfp_m880zm_d7p71alaserjet_enterprise_700_m712_cf235alaserjet_enterprise_m506_f2a66alaserjet_managed_flow_mfp_m680_l3u47alaserjet_managed_flow_mfp_e62565_j8j79alaserjet_managed_mfp_e87650_z8z15alaserjet_managed_flow_mfp_m630_l3u62alaserjet_managed_flow_mfp_e82540_z8z23alaserjet_enterprise_m507_1pv88alaserjet_enterprise_m652_j7z99alaserjet_managed_mfp_e72525_x3a66alaserjet_enterprise_m506_f2a70apagewide_enterprise_flow_mfp_586z_g1w41alaserjet_managed_mfp_e72525_z8z08alaserjet_managed_flow_mfp_e62555_j8j74alaserjet_managed_mfp_e72530_x3a65alaserjet_managed_mfp_e62555_j8j67alaserjet_managed_flow_mfp_e62565_j8j80alaserjet_enterprise_flow_mfp_m631_j8j63alaserjet_enterprise_flow_mfp_m630_b3g86aofficejet_managed_mfp_x585_b5l04alaserjet_managed_mfp_e72530_z8z08alaserjet_enterprise_mfp_m633_j8j78apagewide_managed_flow_mfp_e77650_j7z14alaserjet_managed_mfp_e82550_az8z20apagewide_managed_mfp_p77950_2gp22alaserjet_managed_mfp_e82540_z8z19laserjet_managed_mfp_e82550_x3a68alaserjet_enterprise_flow_mfp_m681_j8a12apagewide_managed_mfp_p77950_2gp26alaserjet_managed_e60055_m0p39alaserjet_managed_mfp_e77822_x3a84alaserjet_managed_mfp_e52645_1pv67alaserjet_managed_e75245_t3u64alaserjet_managed_flow_mfp_e87650_z8z16alaserjet_enterprise_m855_a2w77alaserjet_managed_m506_f2a69alaserjet_enterprise_500_m551_cf081alaserjet_managed_flow_mfp_e72535_z8z08apagewide_managed_mfp_p77950_5zn98alaserjet_managed_flow_mfp_e67550_l3u70alaserjet_managed_mfp_e82560_z8z22apagewide_managed_mfp_p77940_y3z68alaserjet_managed_mfp_e52545_3gy19alaserjet_managed_mfp_e77428_5cm78alaserjet_enterprise_mfp_m632_j8j72alaserjet_managed_mfp_e57540_3gy26alaserjet_enterprise_mfp_m577_b5l46alaserjet_managed_flow_mfp_e72535_z8z06alaserjet_managed_flow_mfp_e82550_z8z23alaserjet_managed_mfp_e72530_x3a60alaserjet_managed_flow_mfp_e82540_x3a69alaserjet_enterprise_mfp_m631_j8j65aofficejet_enterprise_mfp_x585_l3u40alaserjet_enterprise_mfp_m725_l3u64alaserjet_managed_mfp_e72430_5rc89alaserjet_managed_flow_mfp_e82540_x3a79apagewide_managed_mfp_p77940_y3z63apagewide_enterprise_556_g1w47vlaserjet_managed_mfp_e77830_z8z02alaserjet_managed_500_mfp_m575_l3u46alaserjet_managed_flow_mfp_e82540_x3a72alaserjet_managed_mfp_e82560_x3a69alaserjet_managed_mfp_e82560_az8z20alaserjet_enterprise_700_mfp_m775_cc522alaserjet_managed_mfp_e77825_x3a84alaserjet_enterprise_700_mfp_m775_cf304apagewide_managed_mfp_p77940_y3z64alaserjet_managed_flow_mfp_e82560_x3a79alaserjet_managed_e75245_t3u43alaserjet_managed_flow_mfp_e77822_z8z0alaserjet_managed_mfp_e87660_x3a89alaserjet_enterprise_flow_mfp_m630_p7z48alaserjet_managed_flow_mfp_e87660_x3a86alaserjet_enterprise_600_m603_ce994apagewide_managed_mfp_p77940_y3z66alaserjet_enterprise_m652_j7z98alaserjet_managed_flow_mfp_e62575_j8j74alaserjet_managed_flow_mfp_e82550_z8z18alaserjet_managed_mfp_e82560_x3a74alaserjet_managed_mfp_e62565_j8j74alaserjet_managed_mfp_e87650_z8z17alaserjet_enterprise_m506_f2a71apagewide_managed_p75250_y3z49alaserjet_managed_mfp_e72535_z8z08alaserjet_managed_flow_mfp_e87650_x3a87alaserjet_managed_mfp_e82560_x3a79alaserjet_managed_flow_mfp_e62575_j8j67alaserjet_managed_mfp_e87640_z8z14apagewide_managed_flow_mfp_e77650_j7z13alaserjet_enterprise_flow_mfp_m776_t3u55alaserjet_managed_m605_e6b70alaserjet_managed_flow_mfp_m527z_f2a79alaserjet_enterprise_600_m602_ce991apagewide_managed_mfp_p77950_5zn99alaserjet_managed_flow_mfp_e77825_z8z01alaserjet_enterprise_m4555_mfp_ce502alaserjet_managed_mfp_e77428_5rc91alaserjet_managed_flow_mfp_e62575_j8j66apagewide_managed_flow_mfp_e77660z_j7z14alaserjet_managed_flow_mfp_e62555_j8j73alaserjet_managed_e60065_m0p39alaserjet_managed_e60055_m0p33apagewide_managed_mfp_e77650_j7z08alaserjet_managed_flow_mfp_e72525_x3a66alaserjet_enterprise_m553_bl27alaserjet_managed_flow_mfp_e72535_z8z09alaserjet_managed_mfp_e57540_3gy25alaserjet_enterprise_m553_b5l24apagewide_enterprise_flow_mfp_586z_g1w39alaserjet_managed_flow_mfp_m575_l3u46alaserjet_managed_flow_mfp_e87640_z8z15aofficejet_managed_flow_mfp_x585_b5l07alaserjet_managed_mfp_e77422_5cm75alaserjet_managed_flow_mfp_e72535_x3a65alaserjet_managed_flow_mfp_e82550_z8z22alaserjet_managed_flow_mfp_e82560_x3a82apagewide_managed_flow_mfp_e77660z_j7z03alaserjet_enterprise_700_mfp_m775_l3u50alaserjet_managed_flow_mfp_e82550_x3a71alaserjet_managed_flow_mfp_e72530_x3a62alaserjet_managed_mfp_e82540_x3a82apagewide_managed_mfp_p77960_y3z62alaserjet_managed_flow_mfp_e57540_3gy26alaserjet_enterprise_500_mfp_m575_cd645alaserjet_managed_flow_mfp_e87660_z8z14alaserjet_managed_mfp_e77822_z8z04apagewide_managed_mfp_p77940_2gp26alaserjet_managed_mfp_e87640_z8z16apagewide_managed_mfp_p77940_5zn98alaserjet_enterprise_flow_mfp_m633_j8j76apagewide_mfp_774_4pa44alaserjet_enterprise_m507_1pv87alaserjet_managed_mfp_e72535_x3a60alaserjet_managed_flow_mfp_e87650_z8z15alaserjet_managed_flow_mfp_e87650_x3a90alaserjet_enterprise_flow_mfp_m681_j8a11alaserjet_enterprise_mfp_m528_1pv49alaserjet_managed_mfp_e72525_z8z011alaserjet_managed_mfp_e87640_x3a89apagewide_managed_mfp_p77940_2gp25alaserjet_managed_m553_b5l26alaserjet_managed_mfp_e87660_z8z14alaserjet_managed_mfp_e67560_l3u69alaserjet_enterprise_flow_mfp_m632_j8j72alaserjet_managed_flow_mfp_e77822_x3a77alaserjet_managed_mfp_e77830_x3a84alaserjet_managed_mfp_m725_cf068alaserjet_managed_mfp_e82540_x3a72alaserjet_managed_flow_mfp_m630_b3g86alaserjet_enterprise_mfp_m681_j8a12alaserjet_enterprise_m855_d7p73alaserjet_enterprise_mfp_m680_cz248alaserjet_managed_flow_mfp_e82550_x3a69alaserjet_managed_mfp_e77422_5rc92alaserjet_enterprise_flow_mfp_m575_cd645alaserjet_managed_mfp_e82560_x3a68alaserjet_enterprise_flow_mfp_m577_b5l46alaserjet_managed_e50145_1pv89alaserjet_managed_e60075_m0p39apagewide_managed_mfp_p77960_y3z63alaserjet_managed_m553_b5l38alaserjet_enterprise_700_mfp_m775_cc524aofficejet_enterprise_x555_l1h45alaserjet_managed_flow_mfp_e72530_z8z010alaserjet_managed_flow_mfp_m525_l3u59alaserjet_enterprise_m553_b5l39alaserjet_managed_mfp_m775_cc523alaserjet_enterprise_flow_mfp_m880z_a2w76alaserjet_managed_mfp_e82550_z8z23alaserjet_managed_flow_mfp_e87640_x3a93alaserjet_enterprise_mfp_m630_b3g85alaserjet_managed_mfp_e82540_z8z18alaserjet_enterprise_600_m601_ce989alaserjet_managed_m651_cz257alaserjet_managed_flow_mfp_e77825_z8z05aofficejet_enterprise_flow_mfp_x585_l3u41alaserjet_managed_mfp_e87650_z8z16alaserjet_managed_flow_mfp_e72530_z8z07alaserjet_enterprise_mfp_m577_b5l47alaserjet_enterprise_mfp_m725_cf069alaserjet_managed_e85055_t3u52alaserjet_managed_flow_mfp_e82560_z8z19laserjet_managed_mfp_e72525_z8z07alaserjet_managed_e65050_l3u57alaserjet_managed_flow_mfp_e72530_z8z011alaserjet_managed_e60055_m0p40alaserjet_managed_e50145_1pv88alaserjet_cm4540_mfp_cc420alaserjet_enterprise_600_m602_ce993alaserjet_managed_mfp_e82560_z8z23alaserjet_managed_flow_mfp_e87660_x3a92alaserjet_managed_flow_mfp_e82560_z8z23alaserjet_managed_mfp_e87640_x3a90alaserjet_managed_flow_mfp_e87650_x3a86alaserjet_enterprise_500_mfp_m525f_cf118alaserjet_managed_flow_mfp_e72535_x3a60alaserjet_enterprise_m651_h0dc9alaserjet_managed_flow_mfp_e72525_x3a59alaserjet_managed_mfp_e72525_z8z010alaserjet_managed_flow_mfp_e82550_az8z20alaserjet_managed_mfp_m630_j7x28alaserjet_managed_mfp_e77422_5cm77alaserjet_enterprise_mfp_m725_cf067alaserjet_managed_flow_mfp_e77830_x3a77alaserjet_managed_e50145_1pu51alaserjet_managed_mfp_e82540_az8z20alaserjet_managed_mfp_m630_l3u61alaserjet_managed_mfp_e72425_5cm72alaserjet_managed_flow_mfp_e82560_x3a69aofficejet_managed_mfp_x585_b5l05alaserjet_managed_flow_mfp_e77825_x3a83alaserjet_enterprise_m553_b5l38apagewide_managed_mfp_p77950_y3z65alaserjet_enterprise_flow_mfp_m527z_f2a78alaserjet_enterprise_m751_t3u44alaserjet_managed_mfp_e77822_x3a81alaserjet_enterprise_m4555_mfp_ce504alaserjet_enterprises_cp5525_ce708alaserjet_managed_e60065_m0p35alaserjet_managed_mfp_e77830_z8z04alaserjet_managed_flow_mfp_e82540_x3a74alaserjet_managed_mfp_e62565_j8j79alaserjet_managed_e65050_l3u55alaserjet_enterprise_flow_mfp_m631_j8j64alaserjet_enterprise_m507_1pu52alaserjet_managed_flow_mfp_e72525_z8z010apagewide_managed_mfp_p77950_5zp00apagewide_managed_mfp_p77960_y3z65alaserjet_managed_flow_mfp_m880zm_a2w75alaserjet_enterprise_m653_j8a05alaserjet_managed_m605_l3u54alaserjet_managed_flow_mfp_e72525_z8z07alaserjet_managed_m651_cz255alaserjet_managed_mfp_e82540_x3a79alaserjet_enterprise_m855_a2w79alaserjet_managed_mfp_e87650_x3a86alaserjet_managed_mfp_e87650_x3a93alaserjet_managed_mfp_m775_l3u50apagewide_755_4pz47apagewide_managed_flow_mfp_e77650_j7z08apagewide_managed_mfp_p77960_5zn99alaserjet_managed_mfp_e72530_z8z06alaserjet_managed_flow_mfp_e82550_x3a72apagewide_enterprise_flow_mfp_780f_j7z09alaserjet_managed_mfp_e72525_x3a59apagewide_managed_mfp_e77650_j7z13alaserjet_managed_e60065_m0p36alaserjet_enterprise_mfp_m527_f2a76alaserjet_managed_flow_mfp_e72535_z8z011alaserjet_managed_flow_mfp_e72530_z8z06alaserjet_managed_flow_mfp_e72535_x3a63apagewide_managed_mfp_p77950_y3z62alaserjet_managed_flow_mfp_e82550_x3a82alaserjet_managed_mfp_e72530_x3a59afuturesmart_4laserjet_managed_mfp_e82560_x3a72alaserjet_managed_mfp_m527_f2a80apagewide_managed_flow_mfp_e77660z_j7z08alaserjet_managed_m605_e6b69apagewide_managed_mfp_p77950_y3z64alaserjet_managed_mfp_e72525_x3a65alaserjet_managed_flow_mfp_m830_cf367alaserjet_managed_mfp_e67550_l3u67alaserjet_managed_m553_b5l24alaserjet_managed_flow_mfp_e82560_x3a68apagewide_enterprise_mfp_586_g1w41alaserjet_managed_mfp_e77822_z8z02alaserjet_managed_mfp_m775_l3u49alaserjet_enterprise_flow_mfp_m830_l3u65alaserjet_managed_500_mfp_m525_l3u60alaserjet_enterprise_m608_k0q17alaserjet_enterprise_m4555_mfp_ce738alaserjet_enterprise_m506_f2a67alaserjet_enterprise_600_m603_ce996alaserjet_managed_mfp_m680_l3u47alaserjet_enterprise_mfp_m680_cz249alaserjet_enterprise_flow_mfp_m682_j8a17alaserjet_enterprise_flow_mfp_m527z_f2a81alaserjet_managed_mfp_m775_cc524alaserjet_enterprise_500_mfp_m525f_cf117alaserjet_enterprise_500_mfp_m575_cd646alaserjet_managed_mfp_m527_f2a79apagewide_enterprise_flow_mfp_785_j7z11alaserjet_managed_mfp_m725_cf067alaserjet_enterprise_flow_mfp_m527z_f2a77alaserjet_managed_mfp_e72535_z8z011alaserjet_managed_mfp_e77422_5rc91aofficejet_managed_flow_mfp_x585_b5l06alaserjet_enterprise_mfp_m528_1pv65alaserjet_managed_flow_mfp_e72525_x3a60alaserjet_managed_flow_mfp_m577_b5l49alaserjet_managed_mfp_e72535_z8z06alaserjet_managed_mfp_e87660_z8z12alaserjet_managed_mfp_e82560_x3a75alaserjet_managed_flow_mfp_e72525_x3a65alaserjet_managed_mfp_e87640_z8z17alaserjet_managed_mfp_e72430_5cm71alaserjet_managed_flow_mfp_e82550_x3a79alaserjet_managed_e85055_t3u66alaserjet_enterprise_m604_e6b68aofficejet_enterprise_x555_c2s11alaserjet_managed_mfp_e72430_5cm72alaserjet_managed_m651_cz256apagewide_enterprise_flow_mfp_780f_j7z10alaserjet_managed_mfp_e72535_x3a62alaserjet_managed_flow_mfp_e87640_x3a92alaserjet_managed_mfp_e82550_x3a79aofficejet_enterprise_x555_c2s12alaserjet_managed_mfp_e72535_x3a63alaserjet_managed_flow_mfp_e52545c_3gy20alaserjet_managed_mfp_e82550_x3a69alaserjet_managed_flow_mfp_e62555_j8j80alaserjet_managed_mfp_e82560_x3a71apagewide_managed_mfp_p77960_2gp23alaserjet_managed_mfp_e72425_5cm70alaserjet_managed_flow_mfp_e72530_x3a66alaserjet_enterprise_flow_mfp_m880z_l3u51alaserjet_enterprise_mfp_m631_j8j64alaserjet_managed_mfp_e82560_z8z19laserjet_managed_flow_mfp_e87640_z8z12apagewide_managed_mfp_p77960_5zn98alaserjet_managed_flow_mfp_m630_p7z48apagewide_managed_flow_mfp_e77650_z5g79alaserjet_enterprise_m4555_mfp_ce503alaserjet_managed_mfp_e77428_5rc92alaserjet_enterprise_m806_cz244alaserjet_managed_flow_mfp_e72525_x3a63apagewide_mfp_779_4pz46apagewide_managed_mfp_p77940_y3z62alaserjet_managed_mfp_e62555_j8j66apagewide_enterprise_flow_mfp_586z_g1w40alaserjet_managed_m605_l3u53alaserjet_managed_mfp_e72525_x3a63alaserjet_enterprise_m608_k0q18apagewide_managed_mfp_p77940_2gp23alaserjet_enterprise_flow_mfp_m680_ca251alaserjet_managed_mfp_e87660_x3a86alaserjet_enterprise_m651_cz256alaserjet_enterprise_flow_mfp_m575_cd644apagewide_managed_mfp_p77950_2gp23apagewide_managed_e55650_l3u44alaserjet_enterprise_m609_k0q20apagewide_enterprise_556_g1w46apagewide_managed_mfp_p77950_5zp01alaserjet_managed_mfp_e77825_z8z02alaserjet_managed_flow_mfp_e62555_j8j79alaserjet_managed_flow_mfp_e87640_x3a87aofficejet_managed_mfp_x585_l3u40alaserjet_managed_mfp_e72535_x3a59alaserjet_managed_mfp_e82550_x3a72alaserjet_enterprise_flow_mfp_m880z_d7p70alaserjet_enterprise_m651_l8z07alaserjet_managed_flow_mfp_e77830_z8z01alaserjet_managed_mfp_e72530_x3a63alaserjet_managed_flow_mfp_e82560_z8z22alaserjet_managed_flow_mfp_e77830_x3a80apagewide_managed_mfp_p77960_y3z61alaserjet_enterprise_m606_e6b72alaserjet_enterprise_m605_e6b71alaserjet_managed_mfp_e62555_j8j73apagewide_managed_flow_mfp_e77660z_j7z05alaserjet_managed_mfp_e87660_x3a90alaserjet_managed_e65050_l3u56alaserjet_managed_flow_mfp_m830_l3u65alaserjet_managed_flow_mfp_e77830_z8z05alaserjet_enterprise_m607_k0q15apagewide_managed_mfp_p77960_2gp22alaserjet_managed_flow_mfp_e82540_az8z20alaserjet_enterprise_flow_mfp_m630_l3u62alaserjet_enterprise_m750_d3l08alaserjet_enterprise_m856_t3u51alaserjet_managed_mfp_e62555_j8j79alaserjet_enterprises_cp5525_ce709aofficejet_enterprise_flow_mfp_x585_b5l06alaserjet_managed_flow_mfp_e62565_j8j66alaserjet_managed_mfp_m577_b5l49alaserjet_managed_e65060_l3u55alaserjet_managed_flow_mfp_e87640_z8z13alaserjet_enterprise_m607_k0q14alaserjet_cm4540_mfp_cc421alaserjet_managed_flow_mfp_e72525_z8z06alaserjet_managed_flow_mfp_e82540_x3a71alaserjet_enterprise_m653_j8a06apagewide_managed_e75160_j7z06apagewide_managed_mfp_p77960_5zp00alaserjet_managed_flow_mfp_e62575_j8j73alaserjet_managed_mfp_e72530_z8z010alaserjet_managed_mfp_e87650_x3a89apagewide_managed_mfp_e58650dn_l3u43alaserjet_managed_e60075_m0p40alaserjet_managed_mfp_e87660_x3a93alaserjet_enterprise_m506_f2a69alaserjet_managed_mfp_e82540_x3a71apagewide_managed_mfp_p77940_5zp01alaserjet_enterprise_mfp_m633_j8j76alaserjet_managed_mfp_e82550_z8z19laserjet_enterprise_flow_mfp_m681_j8a13alaserjet_managed_flow_mfp_e62555_j8j67apagewide_managed_mfp_p77440_y3z60alaserjet_managed_m506_f2a71alaserjet_enterprise_600_m603_ce995alaserjet_managed_flow_mfp_e67550_l3u67alaserjet_enterprise_flow_mfp_m633_j8j78alaserjet_managed_mfp_e77830_x3a78apagewide_managed_mfp_p77940_5zn99apagewide_enterprise_mfp_586_g1w39alaserjet_managed_flow_mfp_e67550_l3u66alaserjet_managed_flow_mfp_e87650_x3a89alaserjet_managed_mfp_e72430_5cm68apagewide_managed_flow_mfp_e77660z_z5g77alaserjet_managed_flow_mfp_m880zm_a2w76alaserjet_managed_mfp_e67560_l3u70alaserjet_managed_m605_e6b71alaserjet_managed_e50145_1pu52alaserjet_managed_flow_mfp_e72525_z8z09alaserjet_enterprise_mfp_m527_f2a81alaserjet_enterprise_500_mfp_m525f_cf116alaserjet_managed_flow_mfp_e82540_z8z18alaserjet_enterprise_m506_f2a68alaserjet_managed_e60075_m0p35alaserjet_enterprise_m507_1pv86alaserjet_enterprise_m608_m0p32alaserjet_enterprise_m553_b5l26apagewide_managed_mfp_p77940_5zp00alaserjet_enterprise_mfp_m528_1ps54alaserjet_managed_500_mfp_m525_l3u59alaserjet_managed_mfp_e72425_5cm68alaserjet_managed_mfp_e72525_x3a60alaserjet_enterprise_mfp_m681_j8a13alaserjet_enterprise_mfp_m725_cf066alaserjet_managed_flow_mfp_e77825_x3a80alaserjet_managed_mfp_e77830_x3a81apagewide_managed_mfp_e58650dn_l3u42alaserjet_managed_mfp_e87650_x3a92alaserjet_managed_flow_mfp_e87660_z8z13alaserjet_managed_mfp_e82550_x3a82alaserjet_managed_mfp_e77825_z8z04alaserjet_managed_m506_f2a70alaserjet_managed_flow_mfp_e82540_x3a68alaserjet_managed_mfp_e77825_z8z00apagewide_enterprise_flow_mfp_785_j7z12alaserjet_enterprise_flow_mfp_m525_cf116alaserjet_managed_mfp_e72535_z8z07alaserjet_enterprise_flow_mfp_m631_j8j65alaserjet_managed_m651_h0dc9alaserjet_managed_flow_mfp_e87640_x3a86alaserjet_managed_e50045_3gn19alaserjet_enterprise_m653_j8a04alaserjet_enterprise_flow_mfp_m577_b5l54alaserjet_enterprise_flow_mfp_m577_b5l47alaserjet_managed_flow_mfp_m880zm_l3u51alaserjet_enterprise_600_m602_ce992alaserjet_enterprise_m605_e6b69alaserjet_managed_mfp_e52645_1pv65alaserjet_enterprise_flow_mfp_m630_p7z47alaserjet_managed_mfp_m725_cf066alaserjet_enterprise_m507_1pv89alaserjet_managed_mfp_e82540_x3a69alaserjet_managed_mfp_e87660_z8z15alaserjet_managed_mfp_m630_b3g84alaserjet_managed_flow_mfp_e77830_x3a83alaserjet_managed_mfp_e87660_z8z16alaserjet_enterprise_mfp_m725_cf068alaserjet_managed_flow_mfp_e87640_x3a90alaserjet_managed_mfp_e82550_x3a71apagewide_managed_mfp_p77950_y3z66alaserjet_managed_mfp_e72530_x3a66alaserjet_enterprise_flow_mfp_m681_j8a10alaserjet_managed_flow_mfp_e82540_z8z22alaserjet_managed_mfp_e72425_5cm71alaserjet_managed_flow_mfp_e82560_z8z18alaserjet_enterprise_700_m712_cf236alaserjet_enterprise_mfp_m631_j8j63alaserjet_managed_flow_mfp_e72530_x3a63alaserjet_managed_500_mfp_m575_l3u45alaserjet_managed_e65060_l3u56alaserjet_managed_flow_mfp_e87650_z8z13alaserjet_enterprise_mfp_m632_j8j70apagewide_enterprise_556_g1w46vlaserjet_managed_e85055_t3u51alaserjet_managed_mfp_e72425_5cm69alaserjet_enterprise_flow_mfp_m632_j8j71alaserjet_enterprise_m751_t3u43alaserjet_managed_mfp_e62555_j8j80alaserjet_enterprise_m651_cz257alaserjet_managed_mfp_e77422_5cm76alaserjet_managed_flow_mfp_e82560_x3a71alaserjet_managed_mfp_e87650_x3a90alaserjet_managed_mfp_e77822_z8z00alaserjet_managed_flow_mfp_e87650_x3a92alaserjet_managed_mfp_e67550_l3u69alaserjet_managed_mfp_e52645_1pv49alaserjet_enterprise_flow_mfp_m575_cd646alaserjet_enterprise_mfp_m632_j8j71alaserjet_managed_flow_mfp_e82540_z8z19laserjet_enterprise_m806_cz245alaserjet_enterprise_mfp_m528_1pv66alaserjet_managed_flow_mfp_e52545c_3gy19alaserjet_enterprise_500_m551_cf083alaserjet_managed_e60065_m0p40alaserjet_managed_flow_mfp_e62575_j8j79apagewide_mfp_774_4pz43alaserjet_managed_mfp_e87640_z8z13alaserjet_enterprises_cp5525_ce707alaserjet_managed_mfp_e82540_z8z23apagewide_managed_mfp_p77940_2gp22alaserjet_managed_e60075_m0p36alaserjet_enterprise_700_mfp_m775_cc523alaserjet_enterprise_mfp_m682_j8a16alaserjet_managed_mfp_e77428_5cm76alaserjet_managed_e60055_m0p35alaserjet_managed_mfp_e77422_5cm79alaserjet_managed_mfp_e72430_5rc90alaserjet_managed_mfp_m725_l3u63alaserjet_managed_mfp_e62565_j8j67alaserjet_enterprise_m855_a2w78aofficejet_enterprise_mfp_x585_b5l04alaserjet_managed_flow_mfp_e87640_z8z16alaserjet_managed_e75245_t3u44alaserjet_managed_mfp_e87650_x3a87alaserjet_managed_flow_mfp_m680_l3u48apagewide_mfp_779_4pz45alaserjet_managed_flow_mfp_e72535_x3a59alaserjet_managed_flow_mfp_e82560_x3a75alaserjet_managed_mfp_e82550_x3a75alaserjet_enterprise_m856_t3u66alaserjet_managed_flow_mfp_e82550_x3a74alaserjet_managed_flow_mfp_e67550_l3u69alaserjet_managed_mfp_e87640_x3a92apagewide_enterprise_mfp_586_g1w40alaserjet_managed_mfp_e82550_z8z22alaserjet_managed_flow_mfp_e77822_z8z01alaserjet_managed_mfp_e87660_z8z13apagewide_managed_mfp_p77940_y3z65alaserjet_enterprise_m609_k0q21alaserjet_managed_mfp_e72525_z8z09alaserjet_managed_flow_mfp_e87650_z8z12alaserjet_managed_mfp_e62565_j8j73alaserjet_enterprise_500_mfp_m575_cd644alaserjet_managed_mfp_e87640_x3a87alaserjet_enterprise_m605_e6b70alaserjet_managed_mfp_m680_l3u48alaserjet_enterprise_m606_e6b73alaserjet_enterprise_m608_k0q19alaserjet_managed_flow_mfp_e87660_z8z16alaserjet_enterprise_m750_d3l09alaserjet_managed_mfp_e52545_3gy20aofficejet_enterprise_flow_mfp_x585_b5l07alaserjet_managed_mfp_e87660_x3a87alaserjet_enterprise_mfp_m725_l3u63apagewide_managed_mfp_p77950_y3z63alaserjet_managed_mfp_e87650_z8z14alaserjet_managed_m651_l8z07apagewide_managed_mfp_e77650_z5g79alaserjet_managed_flow_mfp_m880zm_l3u52apagewide_managed_mfp_p77950_y3z68alaserjet_managed_mfp_e77822_x3a78alaserjet_managed_e50145_1pv87alaserjet_managed_mfp_e62565_j8j80apagewide_managed_mfp_p77960_5zp01alaserjet_enterprise_600_m601_ce990alaserjet_managed_flow_mfp_e62565_j8j73alaserjet_enterprise_flow_mfp_m682_j8a16alaserjet_managed_flow_mfp_e87650_z8z17alaserjet_managed_mfp_e77830_z8z00alaserjet_enterprise_mfp_m681_j8a11a_laserjet_managed_flow_mfp_e87660_x3a93alaserjet_enterprise_mfp_m527_f2a77alaserjet_managed_mfp_e72525_z8z06alaserjet_enterprise_mfp_m528_1ps55alaserjet_managed_flow_mfp_e62565_j8j67apagewide_enterprise_mfp_780_j7z10alaserjet_enterprise_flow_mfp_m830_cf367alaserjet_managed_flow_mfp_e82550_x3a68alaserjet_enterprise_flow_mfp_m527z_f2a76alaserjet_managed_flow_mfp_e82540_x3a75alaserjet_managed_flow_mfp_e72535_x3a62alaserjet_managed_flow_mfp_e87640_x3a89alaserjet_enterprise_mfp_m527_f2a78alaserjet_managed_mfp_e72535_z8z010alaserjet_cm4540_mfp_cc419alaserjet_managed_flow_mfp_e72530_x3a59alaserjet_managed_mfp_e72530_x3a62alaserjet_enterprise_m507_1pu51apagewide_managed_mfp_p77960_2gp26alaserjet_enterprise_mfp_m682_j8a17alaserjet_managed_mfp_e87640_z8z15alaserjet_managed_flow_mfp_e87650_x3a93alaserjet_managed_mfp_e87650_z8z12alaserjet_managed_flow_mfp_e72530_x3a60alaserjet_managed_mfp_e77422_5cm78alaserjet_enterprise_m604_e6b67alaserjet_managed_flow_mfp_e72535_z8z010alaserjet_enterprise_flow_mfp_m577_b5l48alaserjet_managed_flow_mfp_e82560_az8z20alaserjet_managed_flow_mfp_e87650_z8z14apagewide_managed_flow_mfp_e58650z_l3u42alaserjet_managed_flow_mfp_e87660_z8z12alaserjet_enterprise_flow_mfp_m632_j8j70alaserjet_enterprise_m553_b5l25alaserjet_enterprise_700_mfp_m775_l3u49aofficejet_enterprise_mfp_x585_b5l05apagewide_enterprise_765_j7z04alaserjet_managed_mfp_e82540_x3a68alaserjet_managed_mfp_e72430_5cm69alaserjet_managed_flow_mfp_e87660_z8z17alaserjet_managed_mfp_e72530_z8z011alaserjet_enterprise_m651_cz255alaserjet_enterprise_mfp_m681_j8a10apagewide_managed_mfp_e77650_j7z14alaserjet_managed_mfp_e52645_1pv66alaserjet_enterprise_flow_mfp_m880z_d7p71alaserjet_enterprise_m856_t3u52alaserjet_managed_mfp_e87660_x3a92alaserjet_managed_mfp_m775_cc522alaserjet_managed_mfp_e67550_l3u70alaserjet_managed_mfp_e82560_z8z18apagewide_managed_mfp_p77940_y3z61alaserjet_managed_mfp_e82540_x3a75alaserjet_enterprise_mfp_m630_b3g84apagewide_managed_mfp_p77960_y3z68alaserjet_managed_e60055_m0p36alaserjet_managed_mfp_e77825_x3a81alaserjet_managed_flow_mfp_e87660_z8z15alaserjet_enterprise_m750_d3l10alaserjet_managed_mfp_e72525_x3a62apagewide_managed_flow_mfp_e77660z_j7z13alaserjet_enterprise_flow_mfp_m880z_l3u52alaserjet_managed_mfp_m577_b5l50adigital_sender_flow_8500_fn2_document_capture_workstation_l2762alaserjet_managed_mfp_e52645_1ps55alaserjet_managed_flow_mfp_e87640_z8z14alaserjet_managed_mfp_e67560_l3u66alaserjet_managed_mfp_m725_cf069alaserjet_managed_flow_mfp_m577_b5l50alaserjet_managed_e55040dw_3gx98ascanjet_enterprise_flow_n9120_fn2_document_scanner_l2763alaserjet_enterprise_mfp_m680_cz250alaserjet_enterprise_mfp_m776_t3u56alaserjet_managed_mfp_e82550_x3a74afuturesmart_3laserjet_enterprise_m751_t3u64alaserjet_enterprise_flow_mfp_m525_cf118alaserjet_enterprise_mfp_m680_ca251alaserjet_managed_mfp_e87640_x3a93alaserjet_managed_mfp_e67550_l3u66alaserjet_managed_mfp_e77428_5cm75alaserjet_managed_flow_mfp_e62565_j8j74alaserjet_managed_mfp_m775_cf304alaserjet_managed_flow_mfp_e72530_x3a65alaserjet_managed_e65060_l3u57alaserjet_managed_flow_mfp_e72535_z8z07alaserjet_managed_flow_mfp_m527z_f2a80alaserjet_managed_mfp_e72425_5rc90apagewide_managed_mfp_p77960_2gp25apagewide_enterprise_mfp_780_j7z09alaserjet_managed_mfp_e87660_z8z17alaserjet_enterprise_m605_l3u53alaserjet_managed_flow_mfp_e87660_x3a87alaserjet_managed_mfp_e72430_5cm70alaserjet_managed_mfp_e72535_z8z09alaserjet_managed_flow_mfp_e77822_z8z05alaserjet_managed_flow_mfp_e62555_j8j66alaserjet_managed_mfp_e62565_j8j66alaserjet_enterprise_500_m551_cf082alaserjet_enterprise_m855_d7p72alaserjet_managed_e50145_1pv86alaserjet_managed_mfp_e82540_x3a74alaserjet_managed_flow_mfp_e72535_x3a66alaserjet_enterprise_mfp_m528_1pv64alaserjet_enterprise_mfp_m630_l3u61alaserjet_managed_mfp_m725_l3u64alaserjet_enterprise_mfp_m577_b5l54alaserjet_managed_mfp_e72425_5rc89apagewide_managed_mfp_p77960_y3z64alaserjet_managed_m553_b5l25alaserjet_managed_mfp_e72535_x3a65apagewide_enterprise_556_g1w47alaserjet_managed_mfp_e87650_z8z13alaserjet_managed_flow_mfp_e82550_x3a75ascanjet_enterprise_8500_fn1_document_capture_workstation_l2717apagewide_managed_mfp_p77950_2gp25apagewide_managed_mfp_e77650_j7z05alaserjet_managed_flow_mfp_e67560_l3u67alaserjet_managed_flow_mfp_e62575_j8j80alaserjet_managed_mfp_e72530_z8z07alaserjet_managed_flow_mfp_e77822_x3a83alaserjet_managed_flow_mfp_e77825_x3a77alaserjet_managed_flow_mfp_e72530_z8z09alaserjet_managed_m506_f2a66apagewide_managed_mfp_p77950_y3z61alaserjet_enterprise_mfp_m528_1pv67apagewide_managed_mfp_p77960_y3z66alaserjet_managed_mfp_e52645_1ps54alaserjet_enterprise_700_m712_cf238alaserjet_managed_flow_mfp_e77830_z8z0alaserjet_managed_m506_f2a67alaserjet_managed_flow_mfp_e87660_x3a90alaserjet_managed_mfp_e77825_x3a78alaserjet_enterprise_flow_mfp_m776_t3u56alaserjet_managed_mfp_e82550_z8z18alaserjet_managed_flow_mfp_e87660_x3a89alaserjet_managed_flow_mfp_e87640_z8z17alaserjet_managed_m553_b5l39alaserjet_managed_mfp_e67560_l3u67alaserjet_managed_flow_mfp_e67560_l3u69apagewide_managed_flow_mfp_e77660z_z5g79alaserjet_managed_mfp_e72535_x3a66alaserjet_managed_mfp_e82560_x3a82alaserjet_managed_flow_mfp_e72525_z8z011alaserjet_managed_flow_mfp_e72530_z8z08alaserjet_managed_flow_mfp_m880zm_d7p70alaserjet_managed_flow_mfp_e77822_x3a80alaserjet_managed_flow_mfp_e67560_l3u66alaserjet_managed_m506_f2a68alaserjet_managed_flow_mfp_e82550_z8z19laserjet_managed_flow_mfp_m525_l3u60alaserjet_managed_e60065_m0p33aofficejet_managed_flow_mfp_x585_l3u41alaserjet_managed_flow_mfp_e82560_x3a72alaserjet_managed_m553_bl27alaserjet_enterprise_flow_mfp_m680_cz249apagewide_managed_flow_mfp_e77650_j7z05alaserjet_enterprise_flow_mfp_m525_cf117alaserjet_enterprise_mfp_m630_j7x28apagewide_managed_flow_mfp_e58650z_l3u43alaserjet_enterprise_flow_mfp_m680_cz250alaserjet_managed_mfp_e87640_z8z12aHP Color LaserJet Managed Printers, HP Color LaserJet Enterprise Printers
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-11992
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.1||MEDIUM
EPSS-1.04% / 59.50%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 15:59
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting.

Action-Not Available
Vendor-n/aHP Inc.
Product-oneview_for_vmware_vcenterHPE OneView for VMware vCenter with Operations Manager and Log Insight
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-11647
Matching Score-10
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-10
Assigner-OpenText (formerly Micro Focus)
CVSS Score-6.1||MEDIUM
EPSS-0.65% / 46.23%
||
7 Day CHG~0.00%
Published-24 Jun, 2019 | 15:27
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential XSS exists in Self Service Password Reset, in Micro Focus NetIQ Software all versions prior to version 4.4. The vulnerability could be exploited to enable an XSS attack.

Action-Not Available
Vendor-Micro Focus International Limited
Product-netiq_self_service_password_resetMicro Focus NetIQ Self Service Password Reset.
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-11997
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.1||MEDIUM
EPSS-1.03% / 59.33%
||
7 Day CHG~0.00%
Published-16 Jan, 2020 | 18:55
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential security vulnerability has been identified in HPE enhanced Internet Usage Manager (eIUM) versions 8.3 and 9.0. The vulnerability could be used for unauthorized access to information via cross site scripting. HPE has made the following software updates to resolve the vulnerability in eIUM. The eIUM 8.3 FP01 customers are advised to install eIUM83FP01Patch_QXCR1001711284.20190806-1244 patch. The eIUM 9.0 customers are advised to upgrade to eIUM 9.0 FP02 PI5 or later versions. For other versions, please, contact the product support.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-enhanced_internet_usage_managerHPE enhanced Internet Usage Manager (eIUM)
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2014-7881
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.61% / 72.84%
||
7 Day CHG~0.00%
Published-15 Jan, 2015 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in the server in HP Insight Control allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-insight_control_server_deploymentn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-26584
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.1||MEDIUM
EPSS-0.67% / 47.17%
||
7 Day CHG~0.00%
Published-03 Jun, 2021 | 10:59
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A security vulnerability in HPE OneView for VMware vCenter (OV4VC) could be exploited remotely to allow Cross-Site Scripting. HPE has released the following software update to resolve the vulnerability in HPE OneView for VMware vCenter (OV4VC).

Action-Not Available
Vendor-n/aHP Inc.
Product-oneview_for_vmware_vcenterHPE OneView for VMware vCenter with Operations Manager and Log Insight
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-26582
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.1||MEDIUM
EPSS-0.70% / 48.37%
||
7 Day CHG~0.00%
Published-15 Apr, 2021 | 17:50
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS).

Action-Not Available
Vendor-n/aMicrosoft CorporationHP Inc.Red Hat, Inc.
Product-icewall_sso_dgfwwindowsenterprise_linuxhp-uxIceWall SSO Dgfw
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2015-5441
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.94% / 77.54%
||
7 Day CHG~0.00%
Published-12 Nov, 2015 | 02:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Management Center before 2.1 and ArcSight Logger before 6.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-archsight_management_centerarcsight_loggern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2015-5444
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.66% / 73.66%
||
7 Day CHG~0.00%
Published-18 Oct, 2015 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple cross-site scripting (XSS) vulnerabilities in HP Smart Profile Server Data Analytics Layer (SPS DAL) 2.3 before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-smart_profile_server_data_analytics_layern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-7208
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-10
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.1||MEDIUM
EPSS-0.85% / 53.42%
||
7 Day CHG~0.00%
Published-12 Feb, 2020 | 23:23
Updated-04 Aug, 2024 | 09:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LinuxKI v6.0-1 and earlier is vulnerable to an XSS which is resolved in release 6.0-2.

Action-Not Available
Vendor-n/aHP Inc.
Product-linuxkiLinuxKI
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-4658
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.72% / 49.15%
||
7 Day CHG~0.00%
Published-16 Dec, 2020 | 20:35
Updated-16 Sep, 2024 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Sterling File Gateway 2.2.0.0 through 6.0.3.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186095.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-solarissterling_file_gatewaylinux_kernelihp-uxwindowsaixSterling File Gateway
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-4657
Matching Score-10
Assigner-IBM Corporation
ShareView Details
Matching Score-10
Assigner-IBM Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.72% / 49.15%
||
7 Day CHG~0.00%
Published-16 Dec, 2020 | 20:35
Updated-17 Sep, 2024 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Sterling B2B Integrator 5.2.0.0 through 6.0.3.2 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186094.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-sterling_b2b_integratorsolarislinux_kernelihp-uxwindowsaixSterling B2B Integrator
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2014-7896
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.49% / 82.59%
||
7 Day CHG~0.00%
Published-03 Mar, 2015 | 11:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before 7.6.1-06, and HP XP7 Global Link Manager Software (aka HGLM) 6.x through 8.x before 8.1.2-00, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-xp_p9000_tiered_storage_managerxp_p9000_replication_managerxp7_global_link_manager_softwarexp_p9000_device_managern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2014-4661
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.19% / 80.08%
||
7 Day CHG~0.00%
Published-10 Oct, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Records Manager before 7.3.5 and 8.x before 8.1 Patch 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-records_managern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2014-2640
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-3.88% / 88.87%
||
7 Day CHG~0.00%
Published-02 Oct, 2014 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-system_management_homepagen/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2014-2647
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-3.40% / 87.30%
||
7 Day CHG~0.00%
Published-19 Oct, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Operations Agent in HP Operations Manager (formerly OpenView Communications Broker) before 11.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-operations_agentn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2014-2644
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-3.13% / 86.21%
||
7 Day CHG~0.00%
Published-06 Oct, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 7.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-systems_insight_managern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-6198
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.64% / 83.60%
||
7 Day CHG~0.00%
Published-29 Dec, 2013 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_managerservice_manager_web_tierservice_manager_web_clientn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-6222
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-3.41% / 87.33%
||
7 Day CHG~0.00%
Published-23 Aug, 2014 | 23:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in the Mobility Web Client and Service Request Catalog (SRC) components in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_managern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-6191
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.49% / 82.59%
||
7 Day CHG~0.00%
Published-17 Dec, 2013 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-operations_orchestrationn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-6220
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.49% / 82.59%
||
7 Day CHG~0.00%
Published-10 May, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Network Node Manager i (NNMi) 9.0, 9.10, and 9.20 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-network_node_manager_in/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-4802
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.10% / 79.36%
||
7 Day CHG~0.00%
Published-26 Jul, 2013 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Application Lifecycle Management (ALM) Quality Center before 11.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka ZDI-CAN-1565.

Action-Not Available
Vendor-n/aHP Inc.
Product-application_lifecycle_managementn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-4842
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.26% / 80.74%
||
7 Day CHG~0.00%
Published-16 Nov, 2013 | 02:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-integrated_lights-out_4integrated_lights-out_firmwaren/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-4845
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.53% / 82.89%
||
7 Day CHG~0.00%
Published-14 Dec, 2013 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability on HP Officejet Pro 8500 (aka A909) All-in-One printers allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-officejet_pro_8500_firmwareofficejet_pro_8500n/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-4833
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.63% / 73.14%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_managern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-2361
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.52% / 82.80%
||
7 Day CHG~0.00%
Published-19 Jul, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-system_management_homepagen/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-2321
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.63% / 73.14%
||
7 Day CHG~0.00%
Published-02 May, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-service_manager_web_tierwindowsn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-2337
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.63% / 73.14%
||
7 Day CHG~0.00%
Published-14 Jun, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_managerservice_centern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2012-5219
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.52% / 82.80%
||
7 Day CHG~0.00%
Published-28 Apr, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Managed Printing Administration (MPA) before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-managed_printing_administrationn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2012-3251
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.63% / 73.14%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 7.11, 9.21, and 9.30, and HP Service Center Web Tier 6.28, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-service_center_web_tierservice_manager_web_tiern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2012-3255
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.61% / 72.84%
||
7 Day CHG~0.00%
Published-08 Sep, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Action-Not Available
Vendor-n/aHP Inc.
Product-business_availability_centern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 248
  • 249
  • Next
Details not found