HP.Insight.Diagnostics.XSS
Description
This indicates an attack attempt against a cross-site scripting (XSS) vulnerability in the HP Insight Diagnostics.
The vulnerability is caused by an error when the vulnerable software handles a malicious uri. It allows a remote attacker to execute arbitrary code via sending a crafted request.
Affected Products
HP Insight Diagnostics Online Edition 8.4 and earlier.
Impact
System compromise.
Recommended Actions
Apply the patch supplied by the vendor:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02492472
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-01-11 | 16.995 |