CVE-2018-13825 in CA Technologies and Broadcom Products
Published on August 30, 2018
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks.
Products Associated with CVE-2018-13825
stack.watch emails you whenever new vulnerabilities are published in CA Technologies Project Portfolio Management or Broadcom Project Portfolio Management. Just hit a watch button to start following.
Affected Versions
CA Technologies PPM Version 15.3 and earlier is affected by CVE-2018-13825Exploit Probability
EPSS
0.24%
Percentile
47.03%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.