CVE-2012-3296

N/A Unknown

Published: August 17, 2012 Modified: April 29, 2026

Description

Cross-site scripting (XSS) vulnerability in the Help link in the login panel in IBM Power Hardware Management Console (HMC) 7R7.1.0 before SP4, 7R7.2.0 before SP2, and 7R7.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/50376

Source: psirt@us.ibm.com

http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_the_help_link_on_the_power_hmc_login_panel_is_susceptible_to_reflected_cross_site_scripting_cve_2012_329617

Source: psirt@us.ibm.com

Vendor Advisory

http://www.ibm.com/support/docview.wss?uid=isg1MB03488

Source: psirt@us.ibm.com

http://www.ibm.com/support/docview.wss?uid=isg1MB03489

Source: psirt@us.ibm.com

http://www.ibm.com/support/docview.wss?uid=isg1MB03494

Source: psirt@us.ibm.com

http://www.ibm.com/support/fixcentral/firmware/readme?fixid=MH01253

Source: psirt@us.ibm.com

http://www.ibm.com/support/fixcentral/firmware/readme?fixid=MH01257

Source: psirt@us.ibm.com

http://www.ibm.com/support/fixcentral/firmware/readme?fixid=MH01258

Source: psirt@us.ibm.com

http://www.securitytracker.com/id?1027433

Source: psirt@us.ibm.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/77288

Source: psirt@us.ibm.com

http://secunia.com/advisories/50376

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_the_help_link_on_the_power_hmc_login_panel_is_susceptible_to_reflected_cross_site_scripting_cve_2012_329617

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.ibm.com/support/docview.wss?uid=isg1MB03488

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ibm.com/support/docview.wss?uid=isg1MB03489

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ibm.com/support/docview.wss?uid=isg1MB03494

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ibm.com/support/fixcentral/firmware/readme?fixid=MH01253

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ibm.com/support/fixcentral/firmware/readme?fixid=MH01257

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ibm.com/support/fixcentral/firmware/readme?fixid=MH01258

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1027433

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/77288

Source: af854a3a-2127-422b-91ae-364da2661108

20 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

1.6%

74th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-79

Affected Vendors

ibm

Related CVEs

CVE-2026-58000 8.8

CVE-2026-57999 8.8

CVE-2026-53428 N/A

CVE-2026-53427 N/A

CVE-2026-13757 6.2