CVE-2018-6587
N/A
N/A
Summary
CA API Developer Portal 3.5 up to and including 3.5 CR6 has a reflected cross-site scripting vulnerability related to the widgetID variable.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| CA Technologies | CA API Developer Portal | 3.5 < 3.5 CR7 | affected |
Weaknesses
- CWE-79: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
ADP Enrichment
CVE Program Container
Additional References
- http://www.securitytracker.com/id/1040603
- https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01–security-notice-for-ca-api-developer-portal.html
References
- http://www.securitytracker.com/id/1040603
- https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01–security-notice-for-ca-api-developer-portal.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.