6 matches found
Hyperic HQ 3.2 - 4.2-beta1 - Multiple XSS
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Hyperic HQ Multiple XSS 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Advisory URL:...
Hyperic HQ跨站脚本和脚本注入漏洞
CVECAN ID: CVE-2009-2897,CVE-2009-2898 Hyperic HQ是一个开源的IT资源管理平台。 Hyperic HQ没有正确地验证提交给mastheadAttach.do的typeId参数、Resource.do的eid参数以及admin/user /UserAdmin.do的u参数便返回给了用户,这可能导致反射式跨站脚本攻击;此外由于没有正确地过滤传送给Description参数的输入便在警告列表中返回给了用户,这可能导致存储式跨站脚本攻击。 SpringSource Hyperic HQ 4.2-beta1 SpringSource Hyperic ...
CVE-2009-2897: Hyperic HQ - Reflected XSS in stack trace
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2009-2897: Reflected XSS in stack trace Severity: Moderate Vendor: SpringSource Versions Affected: Hyperic HQ 3.2, 4.0, 4.1, 4.2-beta1. Earlier, unsupported versions may also be affected Description: The stack trace displayed on the default erro...
Core Security Technologies Advisory 2009.0812
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Hyperic HQ Multiple XSS 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Advisory URL:...
Hyperic HQ 3.2 - 4.2-beta1 Multiple XSS
Exploit for jsp platform in category web applications ======================================= Hyperic HQ 3.2 - 4.2-beta1 Multiple XSS ======================================= Hyperic HQ 1 is an open source monitoring software designed to manage web applications and infrastructure. It auto-discover...
Hyperic HQ Multiple XSS
Advisory ID Internal CORE-2009-0812 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Date published: 2009-10-02 Date of last update: 2009-11-23 Vendors contacted: SpringSource Release mode: Coordinated release 2. Vulnerability Information Class: Cross site...