CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-5923

Cross-site scripting (XSS) vulnerability in forms/smpwservices.fcc in CA (formerly Computer Associates) eTrust SiteMinder Agent allows remote attackers to inject arbitrary web script or HTML via the SMAUTHREASON parameter, a different vector than CVE-2005-2204.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 79.1%

CVSS Severity

CVSS v2 Score 4.3

References

http://www.securityfocus.com/archive/1/483367/100/0/threaded
http://www.securityfocus.com/bid/26375
http://www.securityfocus.com/archive/1/483367/100/0/threaded
http://www.securityfocus.com/bid/26375

Products affected by CVE-2007-5923

Broadcom » Etrust Siteminder » Version: N/A

cpe:2.3:a:broadcom:etrust_siteminder:-
Broadcom » Etrust Siteminder » Version: 5.5

cpe:2.3:a:broadcom:etrust_siteminder:5.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-5923

Products

Pricing

Contact Us