Security vulnerability - XSS: CVE-2007-5923 Vulnerability via SiteMinder

Article ID: 258627

Products

CA Single Sign On Agents (SiteMinder)

Issue/Introduction

Web servers integrated with a 12.52 WebAgent are vulnerable to CVE-2007-5923.

Environment

Release : 12.52

All Webservers

Cause

Resolution

-> Log in to WAMUI and search for the ACO used for the webagent.

-> Modify the ACO and add the ACO parameter "FCCHTMLEncodingChars" with the value "\".

-> Save the ACO settings

-> Stop / Start the webagent

-> Check the webagent logs; they should display this value as below.

fcchtmlencodingchars='\'.
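
To confirm the last step, the check below reads a webagent log and reports whether the most recent fcchtmlencodingchars line carries the expected value. It is an added example, not part of the original article or the vendor's tooling; the function names, the log file argument and the sample log lines are assumptions constructed here.

```shell
#!/bin/sh
# Added example: confirm the webagent loaded FCCHTMLEncodingChars after restart.
# Usage: sh check_fcc.sh <webagent log file>   (hypothetical script name)

# Print the value from the most recent fcchtmlencodingchars='...' log line.
# Returns 1 when the parameter never appears in the log.
last_fcc_encoding_chars() {
    line=$(grep -i "fcchtmlencodingchars='" "$1" | tail -n 1)
    [ -n "$line" ] || return 1
    # Keep the text between the first and the last single quote on the line.
    printf '%s\n' "$line" | sed "s/^[^']*'\(.*\)'[^']*\$/\1/"
}

# Compare the last logged value with the expected one.
# Exit status: 0 match, 1 different value, 2 parameter not logged.
check_fcc_encoding_chars() {
    if ! actual=$(last_fcc_encoding_chars "$1"); then
        printf '%s\n' "MISSING: fcchtmlencodingchars not found in $1"
        return 2
    fi
    if [ "$actual" = "$2" ]; then
        printf '%s\n' "OK: fcchtmlencodingchars='$actual'"
        return 0
    fi
    printf '%s\n' "MISMATCH: logged '$actual', expected '$2'"
    return 1
}

if [ "$#" -ge 1 ]; then
    check_fcc_encoding_chars "$1" '\'
else
    # Constructed sample log: an older startup line, then one after the change.
    sample=$(mktemp)
    cat > "$sample" <<'EOF'
[constructed] fcchtmlencodingchars=''.
[constructed] fcchtmlencodingchars='\'.
EOF
    check_fcc_encoding_chars "$sample" '\'
    rm -f "$sample"
fi
```

Only the last matching line is compared, so an older startup entry in the same log does not mask a restart that loaded the new value.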
