VYPR
Medium severity5.4NVD Advisory· Published Sep 8, 2016· Updated Jun 17, 2026

CVE-2016-4380

CVE-2016-4380

Description

Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operations Manager 9.21.x before 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Affected products

4
  • cpe:2.3:a:hp:operations_manager:*:*:*:*:*:linux:*:*+ 2 more
    • cpe:2.3:a:hp:operations_manager:*:*:*:*:*:linux:*:*range: <=9.21
    • cpe:2.3:a:hp:operations_manager:*:*:*:*:*:solaris:*:*range: <=9.21
    • cpe:2.3:a:hp:operations_manager:*:*:*:*:*:unix:*:*range: <=9.21
  • Range: >=9.21.0, <9.21.130

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.