Описание
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 14.3 (включая)
Одно из
cpe:2.3:a:broadcom:project_portfolio_management:*:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:project_portfolio_management:14.4:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:project_portfolio_management:15.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:project_portfolio_management:15.2:cp5:*:*:*:*:*:*
cpe:2.3:a:ca:project_portfolio_management:15.3:cp2:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00239
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks.
EPSS
Процентиль: 47%
0.00239
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79