mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
69 lines
2.0 KiB
JSON
69 lines
2.0 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "vuln@ca.com",
|
|
"DATE_PUBLIC" : "2018-08-29T00:00:00",
|
|
"ID" : "CVE-2018-13825",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "PPM",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "15.3 and earlier"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "CA Technologies"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Cross Site Scripting (XSS)"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html"
|
|
},
|
|
{
|
|
"name" : "105297",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/105297"
|
|
}
|
|
]
|
|
}
|
|
}
|