Vulnerabilities > HP > Operations Manager > 9.21
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-09-08 | CVE-2016-4380 | Cross-site Scripting vulnerability in HP Operations Manager 9.21 Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operations Manager 9.21.x before 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
2016-08-01 | CVE-2016-4373 | Improper Access Control vulnerability in HP Operations Manager 9.20.0/9.21/9.21.120 The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | 9.8 |