CVE-2018-6590
MEDIUMCA API Developer Portal 4.x < 4.2.5.3 - Reflected Cross-Site Scripting
Title source: llmDescription
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180802-01--security-notice-for-ca-api-developer-portal.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041416
Scores
CVSS v3
6.1
EPSS
0.0027
EPSS Percentile
49.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (3)
broadcom/ca_api_developer_portal
4.0
broadcom/ca_api_developer_portal
4.1
broadcom/ca_api_developer_portal
4.2.0 - 4.2.5.3
Published
Aug 03, 2018
Tracked Since
Feb 18, 2026