2 matches found
CVE-2008-2026
Cross-site scripting XSS vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258, and other versions before 5.3.3.378, allows remote attackers to inject arbitrary web script or HTML via a URL-encoded postdata parameter. NOTE: this is different than CVE-2005-1118, but it mig...
CVE-2008-2026
The CVE-2008-2026 issue affects RSA Security's WebID IISWebAgentIF.dll in the RSA Authentication Agent for Web, version 5.3.0.258 and older than 5.3.3.378. Root cause is insufficient filtering of the postdata parameter, enabling remote XSS via a URL-encoded postdata value. An exploit example exis...