Vulnerability Details CVE-2013-4802
Cross-site scripting (XSS) vulnerability in HP Application Lifecycle Management (ALM) Quality Center before 11.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka ZDI-CAN-1565.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.8%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/95646
- http://secunia.com/advisories/53950
- http://www.securityfocus.com/bid/61450
- http://www.securitytracker.com/id/1028834
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85948
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03864640
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03864640
- http://osvdb.org/95646
- http://secunia.com/advisories/53950
- http://www.securityfocus.com/bid/61450
- http://www.securitytracker.com/id/1028834
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85948
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03864640
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03864640
Products affected by CVE-2013-4802
-
cpe:2.3:a:hp:application_lifecycle_management:-
-
cpe:2.3:a:hp:application_lifecycle_management:11.00
-
cpe:2.3:a:hp:application_lifecycle_management:11.50