PT-2018-17651 · Ca · Ca Api Developer Portal
Published
2018-03-29
·
Updated
2023-01-27
·
CVE-2018-6587
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
CA API Developer Portal versions 3.5 up to and including 3.5 CR6
Description
The issue is related to a reflected cross-site scripting vulnerability. This vulnerability is associated with the
widgetID variable.Recommendations
For CA API Developer Portal versions 3.5 up to and including 3.5 CR6, consider restricting the use of the
widgetID variable until a patch is available.Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ca Api Developer Portal