CVE-2007-6406

CA eTrust Threat Mgmt Console - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in CA (formerly Computer Associates) eTrust Threat Management Console allow remote attackers to inject arbitrary web script or HTML via the IP Address field and other unspecified fields.

References (4)

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1019047

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/38868

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/484607/100/0/threaded

[Third Party Advisory] http://securityreason.com/securityalert/3458

Scores

EPSS 0.0030

EPSS Percentile 52.9%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

broadcom/etrust_threat_management_console

Timeline

Published Dec 17, 2007

Tracked Since Feb 18, 2026