Netegrity SiteMinder HTML Page Injection Vulnerability

An exploit is not required.

The following proof of concept is available:
https://www.example.com/siteminderagent/pwcgi/smpwservicescgi.exe?TARGET=http%3a%2f%2fwww%2ecomputec%2ech


 

Privacy Statement
Copyright 2010, SecurityFocus