Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in CA SiteMinder 12.0 through 12.51, and SiteMinder 6 Web Agents, allows remote attackers to inject arbitrary web script or HTML via vectors involving a " (double quote) character.
References 5 Total
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B9B8E7A8A-2A00-4456-A7CC-8C2E74AA7EA5%7D
- securitytracker.com: 1029237 vdb-entry
- osvdb.org: 98919 vdb-entry
- archives.neohapsis.com: 20131024 CA20131024-01: Security Notice for CA SiteMinder mailing-list
- seclists.org: 20131024 CA20131024-01: Security Notice for CA SiteMinder mailing-list
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B9B8E7A8A-2A00-4456-A7CC-8C2E74AA7EA5%7D x_transferred
- securitytracker.com: 1029237 vdb-entryx_transferred
- osvdb.org: 98919 vdb-entryx_transferred
- archives.neohapsis.com: 20131024 CA20131024-01: Security Notice for CA SiteMinder mailing-listx_transferred
- seclists.org: 20131024 CA20131024-01: Security Notice for CA SiteMinder mailing-listx_transferred