virus logo FortiClient Vulnerability

Security Vulnerabilities fixed in HP Power Manager 4.3.3

description-logoDescription

Multiple cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL parameter to Contents/applicationlogs.asp. NOTE: some of these details are obtained from third party information.

affected-products-logoAffected Applications

HP Power Manager

CVE References

CVE-2011-0280 CVE-2011-0277

Other References

https://securitytracker.com/id?1025032
ID 2362
Created Sep 09, 2021
Description
Updated		 Nov 07, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor HP
Patch manual
Application HP Power Manager