header-logo
Suggest Exploit
vendor:
SiteMinder
by:
SecurityFocus
N/A
CVSS
N/A
Security Bypass
Unknown
CWE
Product Name: SiteMinder
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE: None
CPE: None
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2008

Computer Associates SiteMinder Security Bypass Vulnerability

Computer Associates SiteMinder is prone to a security-bypass vulnerability because it fails to properly validate user-supplied input. An attacker can exploit this issue to bypass cross-site scripting protections. Successful exploits can aid in further attacks.

Mitigation:

None
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/36088/info

Computer Associates SiteMinder is prone to a security-bypass vulnerability because it fails to properly validate user-supplied input.

An attacker can exploit this issue to bypass cross-site scripting protections. Successful exploits can aid in further attacks.

We don't know which versions of SiteMinder are affected. We will update this BID when more details become available.

http://www.example.com/app/function?foo=bar%e0%80%bc

Navigation

Suggest Exploit

Services By CQR