Cross-Site Scripting Vulnerability in CA eTrust SiteMinder Agent
CVE-2007-5923

Currently unrated

Key Information:

Vendor: Broadcom
Status: Etrust Siteminder
Vendor: CVE Published:; 10 November 2007

What is CVE-2007-5923?

The eTrust SiteMinder Agent from CA is susceptible to a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML into the application via the SMAUTHREASON parameter. This exposure poses significant security risks, enabling attackers to potentially manipulate user sessions and gain unauthorized access to sensitive information.

References

http://www.securityfocus.com/archive/1/483367/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/26375

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Nov 10, 2007
Vulnerability Reserved
Nov 9, 2007

Broadcom

What is CVE-2007-5923?

References

Timeline