Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References 5 Total
- http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20141215-01-security-notice-for-ca-lisa-release-automation.aspx
- seclists.org: 20141216 CA20141215-01: Security Notice for CA LISA Release Automation mailing-list
- kb.cert.org: VU#343060 third-party-advisory
- securityfocus.com: 20141215 CA20141215-01: Security Notice for CA LISA Release Automation mailing-list
- securitytracker.com: 1031375 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20141215-01-security-notice-for-ca-lisa-release-automation.aspx x_transferred
- seclists.org: 20141216 CA20141215-01: Security Notice for CA LISA Release Automation mailing-listx_transferred
- kb.cert.org: VU#343060 third-party-advisoryx_transferred
- securityfocus.com: 20141215 CA20141215-01: Security Notice for CA LISA Release Automation mailing-listx_transferred
- securitytracker.com: 1031375 vdb-entryx_transferred