• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

HP System Management Homepage (SMH) 'message.php' Cross Site Scripting Vulnerability

Bugtraq ID:	30846
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Aug 26 2008 12:00AM
Updated:	Aug 29 2008 05:34PM
Credit:	Luca Carettoni, Claudio Criscione, and Lavakumar Kuppan
Vulnerable:	HP System Management Homepage 2.1.12 HP System Management Homepage 2.1.11 HP System Management Homepage 2.1.10 HP System Management Homepage 2.1.9 HP System Management Homepage 2.1.8 HP System Management Homepage 2.1.7 HP System Management Homepage 2.1.6 HP System Management Homepage 2.1.5 HP System Management Homepage 2.1.4 HP System Management Homepage 2.1.3 .132 HP System Management Homepage 2.1.3 HP System Management Homepage 2.1.2 HP System Management Homepage 2.1.2 HP System Management Homepage 2.1.1 HP System Management Homepage 2.1 HP System Management Homepage 2.0.2 HP System Management Homepage 2.0.1 HP System Management Homepage 2.0 HP HP-UX B.11.31 HP HP-UX B.11.23 HP HP-UX B.11.11
Not Vulnerable: