Cross-Site Scripting Vulnerability in CA Release Automation by CA Technologies
CVE-2014-8247

Currently unrated

Key Information:

Vendor: Broadcom
Status: Release Automation
Vendor: CVE Published:; 16 December 2014

What is CVE-2014-8247?

A cross-site scripting vulnerability exists in CA Release Automation prior to version 4.7.1 b448. This flaw allows remote attackers to inject arbitrary web scripts or HTML through unspecified vectors, potentially compromising the integrity of the affected application. Proper input validation and output encoding practices are essential to mitigate the risk associated with this vulnerability.

References

http://www.ca.com/us/support/ca-support-online/product-co...

x_refsource_CONFIRM

http://seclists.org/fulldisclosure/2014/Dec/55

mailing-listx_refsource_FULLDISC

http://www.kb.cert.org/vuls/id/343060

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Dec 16, 2014
Vulnerability Reserved
Oct 12, 2014

Broadcom

What is CVE-2014-8247?

References

Timeline