CVE-2018-6586
CA API Developer Portal 3.5 up to and including 3.5 CR6 contains a stored cross-site scripting vulnerability in profile picture handling due to insufficient input filtering. Impact is partial integrity loss via script execution in the context of the user viewing the affected portal. The CVE is co...