CVE-2013-6222
Summary
| CVE | CVE-2013-6222 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-08-23 23:55:00 UTC |
| Updated | 2017-08-29 01:33:00 UTC |
| Description | Cross-site scripting (XSS) vulnerability in the Mobility Web Client and Service Request Catalog (SRC) components in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Hp | Service Manager | 7.21 | All | All | All |
| Application | Hp | Service Manager | 9.21 | All | All | All |
| Application | Hp | Service Manager | 9.30 | All | All | All |
| Application | Hp | Service Manager | 9.31 | All | All | All |
| Application | Hp | Service Manager | 9.32 | All | All | All |
| Application | Hp | Service Manager | 9.33 | All | All | All |
| Application | Hp | Service Manager | 7.21 | All | All | All |
| Application | Hp | Service Manager | 9.21 | All | All | All |
| Application | Hp | Service Manager | 9.30 | All | All | All |
| Application | Hp | Service Manager | 9.31 | All | All | All |
| Application | Hp | Service Manager | 9.32 | All | All | All |
| Application | Hp | Service Manager | 9.33 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SSRT101654 | HP | h20565.www2.hp.com | Vendor Advisory |
| HP Service Manager CVE-2013-6222 Multiple Cross Site Scripting and Unspecified Vulnerabilities | BID | www.securityfocus.com | |
| Security Advisory SA60028 - HP Service Manager Multiple Vulnerabilities - Secunia | SECUNIA | secunia.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| HP Service Manager Bugs Let Remote Users Gain Elevated Privileges, Modify Data, and Deny Service and Conduct Cross-Site Scripting and Cross-Site Requset Forgery Attacks - SecurityTracker | SECTRACK | www.securitytracker.com | |
| Security Advisory SA60714 - HP Service Manager Multiple Vulnerabilities - Secunia | SECUNIA | secunia.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.