Primary

Context

Poly Clariti Manager XSS Filter Bypass Vulnerability

Vulnerability

A vulnerability in Poly Clariti Manager versions prior to 10.12.2 allows for a bypass of the application's cross-site scripting (XSS) filter. This is achieved by submitting untrusted characters, potentially leading to the execution of malicious scripts. HP has released a patch for this vulnerability in the latest software update.

Impact

Exploitation of this vulnerability could lead to cross-site scripting, allowing attackers to inject malicious scripts that could be executed in the context of the user's browser.

Remediation

Users are advised to update to version 10.12.2 or later. The latest builds can be obtained through the Poly Lens Management Console.

Added: Jul 23, 2025, 12:19 AM

Updated: Jul 23, 2025, 12:19 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

3.5

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

3.5

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Poly Clariti Manager XSS Filter Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating