Cross-site scripting (XSS) vulnerability in login.fcc in CA SiteMinder R6 SP6 before CR7 and R12 SP3 before CR8 allows remote attackers to inject arbitrary web script or HTML via the postpreservationdata parameter.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/713012 | US Government Resource |
http://www.kb.cert.org/vuls/id/MAPG-8MCH2B |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2011-12-08 11:55
Updated : 2024-02-28 11:41
NVD link : CVE-2011-4054
Mitre link : CVE-2011-4054
CVE.ORG link : CVE-2011-4054
JSON object : View
Products Affected
ca
- siteminder
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')