Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder R6 SP6 before CR7 and R12 SP3 before CR8 allows remote attackers to inject arbitrary web script or HTML via the postpreservationdata parameter.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/713012 | US Government Resource |
http://www.kb.cert.org/vuls/id/MAPG-8MCH2B | |
http://www.kb.cert.org/vuls/id/713012 | US Government Resource |
http://www.kb.cert.org/vuls/id/MAPG-8MCH2B |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:31
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.kb.cert.org/vuls/id/713012 - US Government Resource | |
References | () http://www.kb.cert.org/vuls/id/MAPG-8MCH2B - |
Information
Published : 2011-12-08 11:55
Updated : 2024-11-21 01:31
NVD link : CVE-2011-4054
Mitre link : CVE-2011-4054
CVE.ORG link : CVE-2011-4054
JSON object : View
Products Affected
ca
- siteminder
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')