Posted by Williams, Ken on Dec 16

CA20141215-01: Security Notice for CA LISA Release Automation

Issued: December 15, 2014

CA Technologies Support is alerting customers to multiple
vulnerabilities in CA Release Automation (formerly CA LISA Release
Automation, change effective 2014-09-19).

The first vulnerability, CVE-2014-8246, is a cross-site request forgery
(CSRF) issue related to insufficient validation. A remote attacker can
potentially execute privileged actions on a…