CVE-2017-8993

EUVD-2017-17933
A Remote Cross-Site Scripting vulnerability in HPE Project and Portfolio Management (PPM) version v9.30, v9.31, v9.32, v9.40 was found.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
Affected Products (NVD)
VendorProductVersion
microfocusproject_and_portfolio_management
9.3.0
microfocusproject_and_portfolio_management
9.3.1
microfocusproject_and_portfolio_management
9.3.2
microfocusproject_and_portfolio_management
9.4.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/100087
http://www.securitytracker.com/id/1039065
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03766en_us
http://www.securityfocus.com/bid/100087
http://www.securitytracker.com/id/1039065
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03766en_us