CVE-2013-0010

Name of the Vulnerable Software and Affected Versions Microsoft System Center Operations Manager versions 2007 SP1 and R2

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via crafted input. This can be exploited by sending malicious input to the web console.

Recommendations For Microsoft System Center Operations Manager 2007 SP1, update to a version that includes the fix for this issue. For Microsoft System Center Operations Manager 2007 R2, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the web console to minimize the risk of exploitation.