Back to search
CVE-2003-1311
Published: Dec 15, 2006
Modified: Aug 8, 2024
PUBLISHED
Description
siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site referenced by this parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[curl-users] 20030529 Re: https, redirection and authentication using POST
mailing-list
x_refsource_MLIST
30741
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now