Cross-site Scripting Vulnerability in CA Spectrum by CA Technologies
CVE-2015-2827

Currently unrated

Key Information:

Vendor: Broadcom
Status: Spectrum
Vendor: CVE Published:; 8 April 2015

What is CVE-2015-2827?

A cross-site scripting vulnerability exists in CA Spectrum versions 9.2.x and 9.3.x prior to 9.3 H02, allowing remote authenticated users to inject arbitrary web scripts or HTML into affected systems. This exploitation may allow attackers to execute malicious scripts within the browsers of users, potentially leading to a variety of security concerns, including data theft and session hijacking. Administrators are encouraged to review affected versions and apply recommended updates to mitigate this risk.

References

http://www.securityfocus.com/archive/1/535205/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.ca.com/us/support/ca-support-online/product-co...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/73963

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 8, 2015
Vulnerability Reserved
Apr 1, 2015

Broadcom

What is CVE-2015-2827?

References

Timeline