Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ca api developer portal vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-6590
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.
Broadcom Ca Api Developer Portal
Broadcom Ca Api Developer Portal 4.1
Broadcom Ca Api Developer Portal 4.0
7.5
CVSSv2
CVE-2020-11658
CA API Developer Portal 4.3.1 and previous versions handles shared secret keys in an insecure manner, which allows malicious users to bypass authorization.
Broadcom Ca Api Developer Portal
4
CVSSv2
CVE-2020-11660
CA API Developer Portal 4.3.1 and previous versions contains an access control flaw that allows privileged users to view restricted sensitive information.
Broadcom Ca Api Developer Portal
5.5
CVSSv2
CVE-2020-11661
CA API Developer Portal 4.3.1 and previous versions contains an access control flaw that allows privileged users to view and edit user data.
Broadcom Ca Api Developer Portal
5.8
CVSSv2
CVE-2020-11663
CA API Developer Portal 4.3.1 and previous versions handles 404 requests in an insecure manner, which allows malicious users to perform open redirect attacks.
Broadcom Ca Api Developer Portal
5.8
CVSSv2
CVE-2020-11664
CA API Developer Portal 4.3.1 and previous versions handles homeRedirect page redirects in an insecure manner, which allows malicious users to perform open redirect attacks.
Broadcom Ca Api Developer Portal
5.8
CVSSv2
CVE-2020-11665
CA API Developer Portal 4.3.1 and previous versions handles loginRedirect page redirects in an insecure manner, which allows malicious users to perform open redirect attacks.
Broadcom Ca Api Developer Portal
6.5
CVSSv2
CVE-2020-11666
CA API Developer Portal 4.3.1 and previous versions contains an access control flaw that allows malicious users to elevate privileges.
Broadcom Ca Api Developer Portal
4.3
CVSSv2
CVE-2018-6586
CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing.
Ca Api Developer Portal 3.5
4.3
CVSSv2
CVE-2018-6587
CA API Developer Portal 3.5 up to and including 3.5 CR6 has a reflected cross-site scripting vulnerability related to the widgetID variable.
Ca Api Developer Portal 3.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »