Unrated severityNVD Advisory· Published Oct 26, 2010· Updated Apr 29, 2026

CVE-2010-3985

Description

Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected products

HP/Operations Orchestration3 versions
cpe:2.3:a:hp:operations_orchestration:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:hp:operations_orchestration:*:*:*:*:*:*:*:*range: <=7.5
- cpe:2.3:a:hp:operations_orchestration:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:hp:operations_orchestration:7.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvdVendor Advisory
www.vupen.com/english/advisories/2010/2760nvdVendor Advisory
osvdb.org/68906nvd
secunia.com/advisories/41983nvd
www.securityfocus.com/bid/44331nvd
exchange.xforce.ibmcloud.com/vulnerabilities/62727nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000