CVE-2018-6492
4.7
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow persistent cross-site scripting, and non-persistent HTML Injection.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Micro Focus | Network Operations Management Ultimate | 2017.07, 2017.11, 2018.02 | affected |
| Micro Focus | Network Automation | 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50 | affected |
Weaknesses
- Remote Cross-Site Scripting (XSS)
- non-persistent HTML Injection
ADP Enrichment
CVE Program Container
Additional References
- https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158014
- http://www.securitytracker.com/id/1040900
- http://www.securityfocus.com/bid/104131
References
- https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158014
- http://www.securitytracker.com/id/1040900
- http://www.securityfocus.com/bid/104131
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.