HPE OneView for VMware vCenter 9.5 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability


HPE OneView for VMware vCenter 9.5 suffers from  improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability


The information has been provided by Vendor

The original article can be found at:https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03957en_us


A security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting.


Vulnerable Systems:

VMware vCenter 9.5


CVE Information:



Disclosure Timeline:
Published Date:12/18/2019

Categories: News