Vulnerabilities > HP > Operations Orchestration > 7.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-10 | CVE-2017-8994 | Improper Input Validation vulnerability in HP Operations Orchestration A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely. | 7.5 |
| 2015-11-23 | CVE-2015-5451 | Cross-Site Request Forgery (CSRF) vulnerability in HP Operations Orchestration Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
| 2013-12-17 | CVE-2013-6192 | Cross-Site Request Forgery (CSRF) vulnerability in HP Operations Orchestration 7.1/7.2/7.5 Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
| 2013-12-17 | CVE-2013-6191 | Cross-Site Scripting vulnerability in HP Operations Orchestration 7.1/7.2/7.5 Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-10-26 | CVE-2010-3985 | Cross-Site Scripting vulnerability in HP Operations Orchestration 7.1/7.2/7.5 Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Explorer 6.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |