vulnerability

HP iLO: CVE-2023-28083: Remote Cross Site Scripting (XSS)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:A/AC:M/Au:S/C:C/I:C/A:P)	Mar 22, 2023	Jun 14, 2023	Aug 11, 2025

Severity

CVSS

(AV:A/AC:M/Au:S/C:C/I:C/A:P)

Published

Mar 22, 2023

Added

Jun 14, 2023

Modified

Aug 11, 2025

Description

A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE Integrated Lights-Out.

Solutions

hp-ilo-4-upgrade-2_82hp-ilo-5-upgrade-2_78hp-ilo-6-upgrade-1_20

References

CVE-2023-28083
https://attackerkb.com/topics/CVE-2023-28083
CWE-79
URL-https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04456en_us

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today