Vulnerabilities > BMC > Remedy Action Request System > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-24 | CVE-2015-9257 | Cross-site Scripting vulnerability in BMC Remedy Action Request System BMC Remedy Action Request (AR) System 9.0 before 9.0.00 Service Pack 2 hot fix 1 has persistent XSS. | 6.1 |
| 2018-03-12 | CVE-2017-18228 | Cross-site Scripting vulnerability in BMC Remedy Action Request System Remedy Mid Tier in BMC Remedy AR System 9.1 allows XSS via the ATTKey parameter in an arsys/servlet/AttachServlet request. | 5.4 |