CVE-2014-8247

CA Release Automation < 4.7.1 - Cross-Site Scripting

Title source: llm
STIX 2.1

Description

Cross-site scripting (XSS) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (5)

Core 5
Core References
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Dec/55
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/343060
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/534246/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1031375

Scores

EPSS 0.0451
EPSS Percentile 89.3%

Details

CWE
CWE-79
Status published
Products (1)
broadcom/release_automation < 4.7.1
Published Dec 16, 2014
Tracked Since Feb 18, 2026