Skip to main content
CVE-2016-4380 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operations Manager 9.21.x before 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Operations Manager
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-4381 MEDIUM PATCH This Month

HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x before 8.4.1-02, when Replication Manager (RepMgr) and Device Manager (DevMgr) are enabled, allows local users to bypass intended. Rated medium severity (CVSS 4.5), this vulnerability is no authentication required.

Privilege Escalation Xp7 Command View
NVD
CVSS 3.0
4.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy