CVE-2013-2337

Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: Jun 14, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-2337
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
hp / service_manager	9.30	9.30.x
hp / service_manager	7.11	7.11.x
hp / service_manager	9.21	9.21.x
hp / service_manager	9.31	9.31.x
hp / service_center	6.2.8	6.2.8.x

http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03784101

Vulnerability Database

289,697

CVE-2013-2337