Core Security Technologies Advisory - Multiple cross-site scripting vulnerabilities (both stored and reflected) have been found in the web interface of Hyperic HQ, which can be exploited by an attacker to execute arbitrary JavaScript code in the context of the browser of a legitimate logged in user.
e24cd8f9420814d1efc5cad93c82dc019763d677a2ddf87759490020fa369ba3
SpringSource versions Hyperic HQ 3.2, 4.0, 4.1, and 4.2-beta1 suffer from a reflected cross site scripting vulnerability.
c64a153a6422c9754fa7f2877f9b124a2a88dc586ef80026cf60df594e722ae2