CVE-2018-9027 – CA Privileged Access Manager 2.x Code Execution

https://notcve.org/view.php?id=CVE-2018-9027

15 Jun 2018 — A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link. Una vulnerabilidad de Cross-Site Scripting (XSS) reflejado en las versiones 2.x de CA Privileged Access Manager permite que los atacantes remotos ejecuten scripts maliciosos con un enlace especialmente manipulado. CA Technologies Support is alerting customers to multiple potential risks with CA Privileged Access Manager. Multiple vulnerabilitie... • http://www.securityfocus.com/bid/104496 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •