A user can supply malicious HTML and JavaScript code that will be executed in the client browser
broadcom symantec siteminder webagent 12.52