Family: CGI abuses : XSS --> Category: attack
SiteMinder Multiple Cross-Site Scripting Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple cross-site scripting vulnerabilities in SiteMinder
Detailed Explanation for this Vulnerability Test
The remote web server contains a CGI script that is affected by
several cross-site scripting vulnerabilities.
The remote host is running SiteMinder, an access-management solution
from Netegrity / Computer Associates.
The installed version of SiteMinder suffers from several cross-site
scripting flaws in its 'smpwservicescgi.exe' script. A possible hacker can
exploit these flaws to inject arbitrary HTML and script code into the
browsers of users of the affected application, thereby leading to
cookie theft, site mis-representation, and similar attacks.
See also :
Unknown at this time.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.