CVE-2009-2704

Currently unrated

Key Information:

Vendor: Oracle
Status: J2ee
Vendor: CVE Published:; 11 August 2009

Summary

CA SiteMinder allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications via a request containing a %00 (encoded null byte).

References

http://i8jesus.com/?p=55

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 11, 2009