exploitDog

CVE-2003-1311

Опубликовано: 31 дек. 2003

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site referenced by this parameter.

Ссылки

http://curl.haxx.se/mail/archive-2003-05/0172.html
Exploit
http://www.osvdb.org/30741
Exploit
http://curl.haxx.se/mail/archive-2003-05/0172.html
Exploit
http://www.osvdb.org/30741
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:netegrity:siteminder:*:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01146

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-m87c-4frp-hf77

github

почти 4 года назад

siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site referenced by this parameter.

EPSS

Процентиль: 78%

0.01146

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other