CVE-2012-3296 in Power Hardware Management Consoleinfo

Summary

Cross-site scripting (XSS) vulnerability in the Help link in the login panel in IBM Power Hardware Management Console (HMC) 7R7.1.0 before SP4, 7R7.2.0 before SP2, and 7R7.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

06/07/2012

Disclosure

08/17/2012

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

4.3

EPSS

0.00584

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-3296
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-3296
CVE Details	https://www.cvedetails.com/cve/CVE-2012-3296/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!