Medium severity5.4NVD Advisory· Published Sep 8, 2016· Updated Jun 17, 2026
CVE-2016-4380
CVE-2016-4380
Description
Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operations Manager 9.21.x before 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Affected products
4cpe:2.3:a:hp:operations_manager:*:*:*:*:*:linux:*:*+ 2 more
- cpe:2.3:a:hp:operations_manager:*:*:*:*:*:linux:*:*range: <=9.21
- cpe:2.3:a:hp:operations_manager:*:*:*:*:*:solaris:*:*range: <=9.21
- cpe:2.3:a:hp:operations_manager:*:*:*:*:*:unix:*:*range: <=9.21
- Range: >=9.21.0, <9.21.130
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.