CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2018-6586 – CA API Developer Portal Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-6586
29 Mar 2018 — CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing. CA API Developer Portal desde la versión 3.5 hasta la 3.5 CR6 tiene una vulnerabilidad Cross Site Scripting almacenado relacionada con el procesamiento de las imágenes de perfil. CA Technologies Support is alerting customers to multiple potential risks with CA API Developer Portal. Multiple vulnerabilities exist that can allow a remote attacker to conduct cross-site ... • http://www.securitytracker.com/id/1040603 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2018-6587 – CA API Developer Portal Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-6587
29 Mar 2018 — CA API Developer Portal 3.5 up to and including 3.5 CR6 has a reflected cross-site scripting vulnerability related to the widgetID variable. CA API Developer Portal desde la versión 3.5 hasta la 3.5 CR6 tiene una vulnerabilidad Cross Site Scripting reflejado relacionada con la variable widgetID. CA Technologies Support is alerting customers to multiple potential risks with CA API Developer Portal. Multiple vulnerabilities exist that can allow a remote attacker to conduct cross-site scripting attacks. • http://www.securitytracker.com/id/1040603 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2018-6588 – CA API Developer Portal Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-6588
29 Mar 2018 — CA API Developer Portal 3.5 up to and including 3.5 CR5 has a reflected cross-site scripting vulnerability related to the apiExplorer. CA API Developer Portal desde la versión 3.5 hasta la 3.5 CR5 tiene una vulnerabilidad Cross Site Scripting reflejado relacionada con apiExplorer. CA Technologies Support is alerting customers to multiple potential risks with CA API Developer Portal. Multiple vulnerabilities exist that can allow a remote attacker to conduct cross-site scripting attacks. • http://www.securitytracker.com/id/1040603 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •