Vulnerability in Broadcom Symantec SiteMinder
CVE-2024-36459
A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascrip…
Vulnerability class: CRLF Injection
EPSS: 0.004 (33.7th percentile)
Affected products
- Broadcom Symantec SiteMinder — versions R 12.52 SP1 CR11 and below, R12.8