CVE-2009-4185

Description

Cross-site scripting (XSS) vulnerability in proxy/smhui/getuiinfo in HP System Management Homepage (SMH) before 6.0 allows remote attackers to inject arbitrary web script or HTML via the servercert parameter.

Software From Fixed in
hp / system_management_homepage - 3.0.2.77.x
hp / system_management_homepage 2.0.0 2.0.0.x
hp / system_management_homepage 2.0.1 2.0.1.x
hp / system_management_homepage 2.0.2 2.0.2.x
hp / system_management_homepage 2.1 2.1.x
hp / system_management_homepage 2.1.0-103 2.1.0-103.x
hp / system_management_homepage 2.1.0-103(a) 2.1.0-103(a).x
hp / system_management_homepage 2.1.0-109 2.1.0-109.x
hp / system_management_homepage 2.1.0-118 2.1.0-118.x
hp / system_management_homepage 2.1.1 2.1.1.x
hp / system_management_homepage 2.1.10 2.1.10.x
hp / system_management_homepage 2.1.10-186 2.1.10-186.x
hp / system_management_homepage 2.1.11 2.1.11.x
hp / system_management_homepage 2.1.11-197 2.1.11-197.x
hp / system_management_homepage 2.1.12-118 2.1.12-118.x
hp / system_management_homepage 2.1.12-200 2.1.12-200.x
hp / system_management_homepage 2.1.15-210 2.1.15-210.x
hp / system_management_homepage 2.1.2 2.1.2.x
hp / system_management_homepage 2.1.2-127 2.1.2-127.x
hp / system_management_homepage 2.1.3 2.1.3.x
hp / system_management_homepage 2.1.3.132 2.1.3.132.x
hp / system_management_homepage 2.1.4 2.1.4.x
hp / system_management_homepage 2.1.4-143 2.1.4-143.x
hp / system_management_homepage 2.1.5 2.1.5.x
hp / system_management_homepage 2.1.5-146 2.1.5-146.x
hp / system_management_homepage 2.1.6 2.1.6.x
hp / system_management_homepage 2.1.6-156 2.1.6-156.x
hp / system_management_homepage 2.1.7 2.1.7.x
hp / system_management_homepage 2.1.7-168 2.1.7-168.x
hp / system_management_homepage 2.1.8 2.1.8.x
hp / system_management_homepage 2.1.8-177 2.1.8-177.x
hp / system_management_homepage 2.1.9 2.1.9.x
hp / system_management_homepage 2.1.9-178 2.1.9-178.x
hp / system_management_homepage 2.2.6 2.2.6.x
hp / system_management_homepage 2.2.8 2.2.8.x
hp / system_management_homepage 3.0.0-68 3.0.0-68.x
hp / system_management_homepage 3.0.1.73 3.0.1.73.x