The HP System Management Homepage (SMH) is a web-based interface that consolidates and simplifies the management of ProLiant and Integrity servers running Microsoft Windows or Linux, or HP 9000 and HP Integrity servers running HP-UX 11i.

https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us

Original Advisory: https://www.securityfocus.com/archive/1/541823/30/0/threaded

See also:

Learn Pentesting like a Pro

HPE SMH XSS DOM-Based found

Product: HPE System Management Homepage Versions: ALL versions and platforms affected (Tested on v7.6.0.11 for MS Windows) Vulnerability: JavaScript Injection in file gsearch.php, parameter prod OWASP TOP 10: A1 Injection Type: Javascript Injection Impact…

Read more

5 years ago · pentesting.academy