Lucene search

K

[email protected]NVD:CVE-2024-36459

HistoryJun 14, 2024 - 12:15 p.m.

CVE-2024-36459

2024-06-1412:15:09

[email protected]

web.nvd.nist.gov

1

cve-2024-36459

crlf

xss

siteminder

iis

domino

web server

javascript

browser

0.0004 Low

EPSS

Percentile

9.0%

A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client browser.

References

datatracker.ietf.org/doc/html/rfc6265#section-4.1.1

support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24537

0.0004 Low

EPSS

Percentile

9.0%

Related for NVD:CVE-2024-36459