CA SiteMinder allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications via a request containing a %00 (encoded null byte).
References
Link | Resource |
---|---|
http://i8jesus.com/?p=55 | URL Repurposed |
Configurations
History
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://i8jesus.com/?p=55 - URL Repurposed |
Information
Published : 2009-08-11 10:30
Updated : 2024-02-28 11:21
NVD link : CVE-2009-2704
Mitre link : CVE-2009-2704
CVE.ORG link : CVE-2009-2704
JSON object : View
Products Affected
sun
- j2ee
CWE
CWE-264
Permissions, Privileges, and Access Controls