Описание
Cross-site scripting (XSS) vulnerability in CA SiteMinder 12.0 through 12.51, and SiteMinder 6 Web Agents, allows remote attackers to inject arbitrary web script or HTML via vectors involving a " (double quote) character.
Комментарий
Computer Associates (CA) Reference Link: Advisory
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ca:web_agents:6.0:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:broadcom:siteminder:12.0:sp1:*:*:*:*:*:*
cpe:2.3:a:broadcom:siteminder:12.0:sp2:*:*:*:*:*:*
cpe:2.3:a:broadcom:siteminder:12.0:sp3:*:*:*:*:*:*
cpe:2.3:a:broadcom:siteminder:12.5:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:siteminder:12.51:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00298
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in CA SiteMinder 12.0 through 12.51, and SiteMinder 6 Web Agents, allows remote attackers to inject arbitrary web script or HTML via vectors involving a " (double quote) character.
EPSS
Процентиль: 53%
0.00298
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79