HP System Management Homepage (SMH) for Linux, Windows, and HP-UX Cross Site Scripting Vulnerability

HP System Management Homepage (SMH) for Linux, Windows, and HP-UX Cross Site Scripting Vulnerability

HP System Management Homepage is prone to a cross-site scripting vulnerability.

Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.

These versions are affected:

HP System Management Homepage (SMH) prior to 2.1.10 for Linux and Windows
HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31