Unrated severityNVD Advisory· Published Oct 29, 2013· Updated Apr 29, 2026

CVE-2013-5968

Description

Cross-site scripting (XSS) vulnerability in CA SiteMinder 12.0 through 12.51, and SiteMinder 6 Web Agents, allows remote attackers to inject arbitrary web script or HTML via vectors involving a " (double quote) character.

Affected products

Broadcom Corporation/Siteminder5 versions
cpe:2.3:a:broadcom:siteminder:12.0:sp1:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:broadcom:siteminder:12.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:broadcom:siteminder:12.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:broadcom:siteminder:12.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:broadcom:siteminder:12.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:siteminder:12.51:*:*:*:*:*:*:*
Ca/Web Agents
cpe:2.3:a:ca:web_agents:6.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2013-10/0120.htmlnvd
osvdb.org/98919nvd
seclists.org/fulldisclosure/2013/Oct/230nvd
www.securitytracker.com/id/1029237nvd
support.ca.com/irj/portal/anonymous/phpsupcontentnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000