Critical Vulnerability Information Document ID and Version Document ID: c01762443 Version: 1 Vulnerability Overview Vulnerability ID: HPSBMA02436 SSRT080064 rev.1 Affected Product: HP Project and Portfolio Management Center (PPMC) Potential Security Impact: Remote Cross Site Scripting (XSS) Vulnerability Details Source: Hewlett-Packard Company, HP Software Security Response Team CVE Reference: CVE-2010-0452 Affected Software Versions HP PPMC 7.5 SP3 and earlier versions running on AIX, HP-UX, Redhat Linux, Suse Linux, Solaris, and Windows Server. HP PPMC 7.1 SP10 and earlier versions running on AIX, HP-UX, Redhat Linux, Suse Linux, Solaris, and Windows Server. CVSS 2.0 Base Metrics Reference: CVE-2010-0452 Base Metrics: (AV:N/AC:M/Au:N/C:P/I:N/A:N) Base Score: 4.3 Solution HP has provided the following software patches to resolve this vulnerability. For detailed patch information, refer to HP Software Support Online. Patch Location HP Software Support Online Manual Actions HP-UX: Install the appropriate patch. HP-UX HP PPMC 7.5 SP3 or earlier: Install the appropriate patch. PPMC 7.1 SP10 or earlier: Install the appropriate patch.