What is the severity of CVE-2012-3293?

CVE-2012-3293 is classified as a medium severity cross-site scripting (XSS) vulnerability.

How do I fix CVE-2012-3293?

To fix CVE-2012-3293, upgrade the IBM WebSphere Application Server to the appropriate version that addresses this vulnerability.

Which versions of IBM WebSphere Application Server are affected by CVE-2012-3293?

CVE-2012-3293 affects IBM WebSphere Application Server versions 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1.

What type of vulnerability is CVE-2012-3293?

CVE-2012-3293 is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML.

Can CVE-2012-3293 be exploited remotely?

Yes, CVE-2012-3293 can be exploited remotely by attackers to execute malicious scripts within a user's browser.

Vulnerability/
CVE-2012-3293

medium

4.3

CWE

21/8/2012

6/8/2024

CVE-2012-3293: XSS

First published: Tue Aug 21 2012(Updated: )

Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME elements, related to a cross-frame scripting (XFS) issue.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.0
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.1
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.3
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.5
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.7
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.9
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.11
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.12
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.15
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.17
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.19
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.21
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.23
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.25
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.27
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.29
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.31
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.33
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.35
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.37
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.39
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.41
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.43
IBM WebSphere Application Server Feature Pack for Web Services	=7.0
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.1
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.3
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.4
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.5
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.6
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.7
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.8
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.9
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.11
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.13
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.15
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.17
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.19
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.21
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.23
IBM WebSphere Application Server Feature Pack for Web Services	=8.0.0.0
IBM WebSphere Application Server Feature Pack for Web Services	=8.0.0.1
IBM WebSphere Application Server Feature Pack for Web Services	=8.0.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=8.0.0.3
IBM WebSphere Application Server Feature Pack for Web Services	=8.5.0.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-3293?
CVE-2012-3293 is classified as a medium severity cross-site scripting (XSS) vulnerability.
How do I fix CVE-2012-3293?
To fix CVE-2012-3293, upgrade the IBM WebSphere Application Server to the appropriate version that addresses this vulnerability.
Which versions of IBM WebSphere Application Server are affected by CVE-2012-3293?
CVE-2012-3293 affects IBM WebSphere Application Server versions 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1.
What type of vulnerability is CVE-2012-3293?
CVE-2012-3293 is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML.
Can CVE-2012-3293 be exploited remotely?
Yes, CVE-2012-3293 can be exploited remotely by attackers to execute malicious scripts within a user's browser.

agent/type
collector/mitre-cve
source/MITRE
agent/references
agent/last-modified-date
agent/author
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm websphere application server feature pack for web services
version/ibm websphere application server feature pack for web services/6.1.0
version/ibm websphere application server feature pack for web services/6.1.0.0
version/ibm websphere application server feature pack for web services/6.1.0.1
version/ibm websphere application server feature pack for web services/6.1.0.2
version/ibm websphere application server feature pack for web services/6.1.0.3
version/ibm websphere application server feature pack for web services/6.1.0.5
version/ibm websphere application server feature pack for web services/6.1.0.7
version/ibm websphere application server feature pack for web services/6.1.0.9
version/ibm websphere application server feature pack for web services/6.1.0.11
version/ibm websphere application server feature pack for web services/6.1.0.12
version/ibm websphere application server feature pack for web services/6.1.0.15
version/ibm websphere application server feature pack for web services/6.1.0.17
version/ibm websphere application server feature pack for web services/6.1.0.19
version/ibm websphere application server feature pack for web services/6.1.0.21
version/ibm websphere application server feature pack for web services/6.1.0.23
version/ibm websphere application server feature pack for web services/6.1.0.25
version/ibm websphere application server feature pack for web services/6.1.0.27
version/ibm websphere application server feature pack for web services/6.1.0.29
version/ibm websphere application server feature pack for web services/6.1.0.31
version/ibm websphere application server feature pack for web services/6.1.0.33
version/ibm websphere application server feature pack for web services/6.1.0.35
version/ibm websphere application server feature pack for web services/6.1.0.37
version/ibm websphere application server feature pack for web services/6.1.0.39
version/ibm websphere application server feature pack for web services/6.1.0.41
version/ibm websphere application server feature pack for web services/6.1.0.43
version/ibm websphere application server feature pack for web services/7.0
version/ibm websphere application server feature pack for web services/7.0.0.1
version/ibm websphere application server feature pack for web services/7.0.0.2
version/ibm websphere application server feature pack for web services/7.0.0.3
version/ibm websphere application server feature pack for web services/7.0.0.4
version/ibm websphere application server feature pack for web services/7.0.0.5
version/ibm websphere application server feature pack for web services/7.0.0.6
version/ibm websphere application server feature pack for web services/7.0.0.7
version/ibm websphere application server feature pack for web services/7.0.0.8
version/ibm websphere application server feature pack for web services/7.0.0.9
version/ibm websphere application server feature pack for web services/7.0.0.11
version/ibm websphere application server feature pack for web services/7.0.0.13
version/ibm websphere application server feature pack for web services/7.0.0.15
version/ibm websphere application server feature pack for web services/7.0.0.17
version/ibm websphere application server feature pack for web services/7.0.0.19
version/ibm websphere application server feature pack for web services/7.0.0.21
version/ibm websphere application server feature pack for web services/7.0.0.23
version/ibm websphere application server feature pack for web services/8.0.0.0
version/ibm websphere application server feature pack for web services/8.0.0.1
version/ibm websphere application server feature pack for web services/8.0.0.2
version/ibm websphere application server feature pack for web services/8.0.0.3
version/ibm websphere application server feature pack for web services/8.5.0.0