CVE-2013-2337

Name of the Vulnerable Software and Affected Versions HP Service Manager versions 7.11, 9.21, 9.30, 9.31 HP ServiceCenter version 6.2.8

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Recommendations For HP Service Manager versions 7.11, 9.21, 9.30, 9.31, update to a version that includes the fix for this issue. For HP ServiceCenter version 6.2.8, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to sensitive areas of the application to minimize the risk of exploitation.