CA Release Automation Cross-Site Scripting Vulnerability (CVE-2015-8699)
CA Release Automation Cross-Site Scripting Vulnerability (CVE-2015-8699)
Release date:
Updated on:
Affected Systems:
CA Release Automation 6.1.0 <6.1.0-1026
CA Release Automation 5.5.2 <5.5.2-434
CA Release Automation 5.5.1 <5.5.1-1616
CA Release Automation 5.0.2 <5.0.2-227
Description:
CVE (CAN) ID: CVE-2015-8699
CA Release Automation is an application Release management solution.
CA Release Automation (formerly LISA Release Automation) 5.0.2 <5.0.2-227, 5.5.1 <5.5.1-1616, 5.5.2 <5.5.2-434, 6.1.0 <6.1.0-1026 has multiple cross-site scripting vulnerabilities, allowing remote attackers to inject arbitrary Web scripts or HTML.
<* Source: Marcin wo& #322; oszyn
*>
Suggestion:
Vendor patch:
CA
--
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160627-01-security-notice-for-release-automation.aspx
This article permanently updates the link address: