PT-2010-2392 · Ca · Ca Ehealth Performance Manager

Published

2010-02-24

Updated

2018-10-10

CVE-2010-0640

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions CA eHealth Performance Manager versions 6.0.x through 6.2.x

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via a crafted request when malicious HTML detection is disabled.

Recommendations For CA eHealth Performance Manager versions 6.0.x through 6.2.x, enable malicious HTML detection to prevent exploitation of this issue.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2010-0640

Affected Products

Ca Ehealth Performance Manager

PT-2010-2392 · Ca · Ca Ehealth Performance Manager

CVE-2010-0640

Weakness Enumeration

Related Identifiers

Affected Products

References · 4