Vulnerability Details CVE-2018-6586
CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.5%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://www.securitytracker.com/id/1040603
- https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01--security-notice-for-ca-api-developer-portal.html
- http://www.securitytracker.com/id/1040603
- https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01--security-notice-for-ca-api-developer-portal.html
Products affected by CVE-2018-6586
-
cpe:2.3:a:ca:api_developer_portal:3.5