Cross-Site Scripting Vulnerability in RSA Authentication Agent for Web
CVE-2005-3329

Currently unrated

Key Information:

Vendor: Rsa
Status: Authentication Agent For Web
Vendor: CVE Published:; 27 October 2005

What is CVE-2005-3329?

This vulnerability allows remote attackers to exploit the RSA Authentication Agent for Web by injecting arbitrary web scripts or HTML code through the image parameter in a GetPic operation. If successfully executed, this could enable attackers to execute malicious scripts within the context of the user's browser, potentially leading to theft of sensitive information or session hijacking.

References

http://secunia.com/advisories/17331

third-party-advisoryx_refsource_SECUNIA

http://securityreason.com/securityalert/116

third-party-advisoryx_refsource_SREASON

http://marc.info/?l=bugtraq&m=113028928630700&w=2

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 27, 2005
Vulnerability Reserved
Oct 27, 2005

JSON

Rsa

What is CVE-2005-3329?

References

Timeline