CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2018-6587
https://notcve.org/view.php?id=CVE-2018-6587
CA API Developer Portal 3.5 up to and including 3.5 CR6 has a reflected cross-site scripting vulnerability related to the widgetID variable. CA API Developer Portal desde la versión 3.5 hasta la 3.5 CR6 tiene una vulnerabilidad Cross Site Scripting reflejado relacionada con la variable widgetID. • http://www.securitytracker.com/id/1040603 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01--security-notice-for-ca-api-developer-portal.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2018-6588
https://notcve.org/view.php?id=CVE-2018-6588
CA API Developer Portal 3.5 up to and including 3.5 CR5 has a reflected cross-site scripting vulnerability related to the apiExplorer. CA API Developer Portal desde la versión 3.5 hasta la 3.5 CR5 tiene una vulnerabilidad Cross Site Scripting reflejado relacionada con apiExplorer. • http://www.securitytracker.com/id/1040603 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01--security-notice-for-ca-api-developer-portal.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2018-6586
https://notcve.org/view.php?id=CVE-2018-6586
CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing. CA API Developer Portal desde la versión 3.5 hasta la 3.5 CR6 tiene una vulnerabilidad Cross Site Scripting almacenado relacionada con el procesamiento de las imágenes de perfil. • http://www.securitytracker.com/id/1040603 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01--security-notice-for-ca-api-developer-portal.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •