Vulnerabilities > Broadcom > Project Portfolio Management > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-30 | CVE-2018-13826 | XXE vulnerability in multiple products An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks. | 6.4 |
2018-08-30 | CVE-2018-13825 | Cross-site Scripting vulnerability in multiple products Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks. | 4.3 |
2018-08-30 | CVE-2018-13823 | XXE vulnerability in multiple products An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information. | 5.0 |