CVSS: 4.3EPSS: 1%CPEs: 9EXPL: 0CVE-2011-1856
https://notcve.org/view.php?id=CVE-2011-1856
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.06 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en HP Business Availability Center(BAC) v8.06 y anteriores, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través vectores no especificados. • http://secunia.com/advisories/44569 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02823184 http://www.securitytracker.com/id?1025535 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2011-0274
https://notcve.org/view.php?id=CVE-2011-0274
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 7.x through 7.55 and 8.x through 8.05, and Business Service Management (BSM) through 9.01, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidadad de ejecución de secuencias de comandos en sitios cruzados (XSS) en HP Business Availability Center (BAC) v7.x hasta v8.05 y Business Service Management (BSM) v9.01, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de parámetros no especificados • http://marc.info/?l=bugtraq&m=129562482815203&w=2 http://secunia.com/advisories/43014 http://secunia.com/advisories/43018 http://securitytracker.com/id?1024986 http://www.securityfocus.com/bid/45944 http://www.vupen.com/english/advisories/2011/0188 https://exchange.xforce.ibmcloud.com/vulnerabilities/64846 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •