2 matches found
CVE-2011-4054
CVE-2011-4054 affects CA SiteMinder (login.fcc) where insufficient validation of the postpreservationdata parameter enables cross-site scripting (XSS). Reported for CA SiteMinder R6 SP6 before CR7 and R12 SP3 before CR8; vendor remediation patches were issued to address the vulnerability: R6 SP6 ...
CVE-2011-1718
CVE-2011-1718 affects the Web Agents component of CA SiteMinder (R6 before SP6 CR2 and R12 before SP3 CR2). The issue stems from improper handling of multi-line headers, enabling remote authenticated users to impersonate others and gain privileges via crafted data. Affected products are CA SiteMi...