https://www.exploit-db.com/exploits/21827
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-545

CompaqInsightManagementAgents2.0版本、2.1版本、3.6.0版本、4.2版本和4.3.7版本存在跨站脚本(XSS)漏洞。远程攻击者可以借助URL注入任意web脚本或HTML，该漏洞将脚本插入到结果出错消息中。

source: http://www.securityfocus.com/bid/5780/info

It has been reported that the Compaq Insight Manager web interface is prone to cross-site scripting attacks. It is possible to construct a malicious link to a Compaq Insight Manager web interface that includes arbitrary script code. When the link is visited with a web client, the script code will execute in the context of the Compaq Insight Manager web interface.

The component which appears to be affected is Compaq Insight Management Agents. However, further details about which software is vulnerable are not available.

http://<Server IP>:2301/<script>alert('Test')</script>

来源:BID
名称:5780
链接:http://www.securityfocus.com/bid/5780
来源:www.securiteam.com
链接:http://www.securiteam.com/windowsntfocus/6G00K0A5SM.html