CVE-2007-5923
CA eTrust SiteMinder - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in forms/smpwservices.fcc in CA (formerly Computer Associates) eTrust SiteMinder Agent allows remote attackers to inject arbitrary web script or HTML via the SMAUTHREASON parameter, a different vector than CVE-2005-2204.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Giuseppe Gottardi · textwebappsphp
https://www.exploit-db.com/exploits/30746
Scores
EPSS
0.0144
EPSS Percentile
80.5%
Classification
CWE
CWE-79
Status
draft
Affected Products (1)
broadcom/etrust_siteminder
Timeline
Published
Nov 10, 2007
Tracked Since
Feb 18, 2026