VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 31, 2010· Updated Apr 29, 2026

CVE-2010-0449

CVE-2010-0449

Description

Cross-site scripting (XSS) vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

HP SOA Registry Foundation 6.63 and 6.64 are vulnerable to cross-site scripting (XSS) via unknown vectors, enabling remote attackers to inject arbitrary web script or HTML.

Vulnerability

A cross-site scripting (XSS) vulnerability exists in HP SOA Registry Foundation versions 6.63 and 6.64 running on AIX, HP-UX, Linux, Solaris, and Solaris. The vulnerability can be exploited remotely via unknown vectors [1].

Exploitation

An attacker can exploit this vulnerability remotely without authentication; no user interaction or special network position is required beyond delivering malicious script or HTML via the unknown vector [1].

Impact

Successful exploitation allows an attacker to inject arbitrary web script or HTML, leading to potential information disclosure as per the CVSS base score of 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N) [1].

Mitigation

HP has released a security bulletin (HPSBMA02490 SSRT090222 rev.1) that directs users to obtain the resolution from HP. The specific fixed version is not named in the available references. Users should apply the patches as provided by HP to remediate the vulnerability [1].

References
  1. '[security bulletin] HPSBMA02490 SSRT090222 rev.1 - HP SOA Registry Foundation, Remote Unauthorized A'

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3
  • Microfocus/Soa Registry Foundation3 versions
    cpe:2.3:a:hp:soa_registry_foundation:6.63:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:hp:soa_registry_foundation:6.63:*:*:*:*:*:*:*
    • cpe:2.3:a:hp:soa_registry_foundation:6.64:*:*:*:*:*:*:*
    • (no CPE)range: 6.63, 6.64

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.