Описание
CA SiteMinder allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications via a request containing non-canonical, "overlong Unicode" in place of blacklisted characters.
Ссылки
- URL Repurposed
- URL Repurposed
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:sun:j2ee:*:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:siteminder:*:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01509
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
CA SiteMinder allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications via a request containing non-canonical, "overlong Unicode" in place of blacklisted characters.
EPSS
Процентиль: 81%
0.01509
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-264