CVE-2005-2204
CVE-2005-2204 describes a cross-site scripting vulnerability in CA eTrust SiteMinder 5.5. When CSSChecking is set to NO, an attacker can inject arbitrary script/HTML through parameters to smpwservicescgi.exe (PASSWORD, BUFFER) and login.fcc (TARGET), and possibly other vectors. This affects SiteM...