Описание
CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ca:api_developer_portal:3.5:*:*:*:*:*:*:*
cpe:2.3:a:ca:api_developer_portal:3.5:cr1:*:*:*:*:*:*
cpe:2.3:a:ca:api_developer_portal:3.5:cr2:*:*:*:*:*:*
cpe:2.3:a:ca:api_developer_portal:3.5:cr3:*:*:*:*:*:*
cpe:2.3:a:ca:api_developer_portal:3.5:cr4:*:*:*:*:*:*
cpe:2.3:a:ca:api_developer_portal:3.5:cr5:*:*:*:*:*:*
cpe:2.3:a:ca:api_developer_portal:3.5:cr6:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00446
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing.
EPSS
Процентиль: 63%
0.00446
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
CWE-79