Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.Referenceshttp://www.securitytracker.com/id?1025032http://osvdb.org/70836http://www.securityfocus.com/bid/46258http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131http://secunia.com/advisories/43058
