header-logo
Suggest Exploit
vendor:
HP Network Node Manager i
by:
7.5
CVSS
HIGH
Cross-Site Scripting
79
CWE
Product Name: HP Network Node Manager i
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE: a:hp:network_node_manager_i
Metasploit:
Other Scripts:
Platforms Tested:

Multiple Cross-Site Scripting Vulnerabilities in HP Network Node Manager i

The HP Network Node Manager i is vulnerable to multiple unspecified cross-site scripting vulnerabilities due to insufficient sanitization of user-supplied input. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a targeted user, potentially leading to the theft of authentication credentials and other malicious activities.

Mitigation:

To mitigate these vulnerabilities, it is recommended to apply the latest security patches or updates provided by HP. Additionally, it is advised to implement input validation and sanitization mechanisms to prevent the execution of malicious script code.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/50806/info

HP Network Node Manager i is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. 

http://www.example.com/nnm/mibdiscover?node=[xss]

Navigation

Suggest Exploit

Services By CQR