CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-0640

Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when malicious HTML detection is disabled, allows remote attackers to inject arbitrary web script or HTML via a crafted request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.7%

CVSS Severity

CVSS v2 Score 2.6

References

http://seclists.org/fulldisclosure/2010/Feb/415
http://www.securityfocus.com/archive/1/509714/100/0/threaded
http://www.securityfocus.com/bid/38376
http://seclists.org/fulldisclosure/2010/Feb/415
http://www.securityfocus.com/archive/1/509714/100/0/threaded
http://www.securityfocus.com/bid/38376

Products affected by CVE-2010-0640

Ca » Ehealth Performance Manager » Version: 6.0

cpe:2.3:a:ca:ehealth_performance_manager:6.0
Ca » Ehealth Performance Manager » Version: 6.1

cpe:2.3:a:ca:ehealth_performance_manager:6.1
Ca » Ehealth Performance Manager » Version: 6.2

cpe:2.3:a:ca:ehealth_performance_manager:6.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-0640

Products

Pricing

Contact Us