Back

CVE-2024-36459

June 14, 2024, 12:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

SiteMinder Web Agent for IIS Web Server

SiteMinder Web Agent for Domino Web Server

Source

secure@symantec.com

Tags

2024-06-14
CVE-2024-36459
secure@symantec.com

CVE-2024-36459 details

Published : June 14, 2024, 12:15 p.m.
Last Modified : June 14, 2024, 12:15 p.m.

Description

A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client browser.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://datatracker.ietf.org/doc/html/rfc6265#section-4.1.1 secure@symantec.com
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24537 secure@symantec.com
This website uses the NVD API, but is not approved or certified by it.