3 matches found
CVE-2014-8248
SQL injection vulnerability in CA Release Automation formerly iTKO LISA Release Automation before 4.7.1 b448 allows remote authenticated users to execute arbitrary SQL commands via a crafted query...
CVE-2014-8248
CVE-2014-8248 is a SQL injection in CA Release Automation (formerly iTKO LISA Release Automation) affecting versions up to 4.7.1 before the b448 hotfix. The root cause is insufficient input sanitization in the query path, enabling a remote authenticated user to execute arbitrary SQL. CA issued CA...
CA LISA Release Automation contains multiple vulnerabilities
Overview CA LISA Release Automation 4.7.1.385 contains multiple vulnerabilities Description CWE-352: Cross-Site Request Forgery CSRF - CVE-2014-8246CA LISA Release Automation 4.7.1.385 contains a global Cross-Site Request Forgery CSRF vulnerability. The application allows a malicious user to...