RSS   Vulnerabilities for 'Policy server'   RSS

2004-08-06
 
CVE-2004-0672

 

 
Multiple cross-site scripting (XSS) vulnerabilities in the primary and management web interfaces in Netegrity IdentityMinder Web Edition 5.6 allows remote attackers to execute script as other users via (1) script that starts with %00 in the numOfExpressions parameter or (2) the mobjtype parameter.

 

 >>> Vendor: Netegrity 4 Products
Siteminder
Sideminder affiliate agent
Identityminder
Policy server


Copyright 2024, cxsecurity.com

 

Back to Top