1 results (0.003 seconds)

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in CA Service Desk 11.2 and CMDB 11.0 through 11.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "multiple web forms." Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en CA Service Desk v11.2 y CMDB v11.0 hasta v11.2, permite a atacantes remotos inyectar secuencias de comandos web y HTML de su elección a través de vectores no especificados implicando a "múltiples formas web". • http://community.ca.com/blogs/casecurityresponseblog/archive/2008/09/25.aspx http://secunia.com/advisories/32038 http://securityreason.com/securityalert/4318 http://www.securityfocus.com/archive/1/496755/100/0/threaded http://www.securityfocus.com/bid/31412 http://www.securitytracker.com/id?1020949 http://www.vupen.com/english/advisories/2008/2673 https://exchange.xforce.ibmcloud.com/vulnerabilities/45416 https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=186585 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •