CVSS: 6.1EPSS: 0%CPEs: 47EXPL: 0CVE-2012-3293
https://notcve.org/view.php?id=CVE-2012-3293
21 Aug 2012 — Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME elements, related to a cross-frame scripting (XFS) issue. Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en la consola de administración en IBM WebSphere Application Server (WAS) v6.1.x anterior a ... • http://www-01.ibm.com/support/docview.wss?uid=swg1PM60839 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 47EXPL: 0CVE-2012-2190
https://notcve.org/view.php?id=CVE-2012-2190
21 Aug 2012 — IBM Global Security Kit (aka GSKit), as used in IBM HTTP Server in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1, allows remote attackers to cause a denial of service (daemon crash) via a crafted ClientHello message in the TLS Handshake Protocol. IBM Global Security Kit (aka GSKit), utilizdo en IBM HTTP Server en IBM WebSphere Application Server (WAS) v6.1.x anterior a v6.1.0.45, v7.0.x anterior a v7.0.0.25, v8.0.x anterio... • http://www-01.ibm.com/support/docview.wss?uid=swg1PM66218 • CWE-310: Cryptographic Issues •