Back to search
CVE-2017-14357
Published: Oct 31, 2017
Modified: Sep 17, 2024
PUBLISHED
Description
A Reflected and Stored Cross-Site Scripting (XSS) vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow Reflected and Stored Cross-Site Scripting (XSS)
| Vendor | Product | Versions |
|---|---|---|
Micro Focus | HP ArcSight ESM | affected Any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1 |
Micro Focus | HP ArcSight ESM Express | affected Any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1 |
References
https://softwaresupport.hpe.com/km/KM02996760
x_refsource_CONFIRM
ESB-2017.2737
third-party-advisory
x_refsource_AUSCERT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now