Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wso2 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-18881
WSO2 IS as Key Manager 5.7.0 allows unauthenticated reflected XSS in the dashboard user profile.
Wso2 Identity Server 5.7.0
6.1
CVSSv3
CVE-2019-18882
WSO2 IS as Key Manager 5.7.0 allows stored XSS in download-userinfo.jag because Content-Type is mishandled.
Wso2 Identity Server 5.7.0
6.1
CVSSv3
CVE-2022-39810
An issue exists in WSO2 Enterprise Integrator 6.4.0. A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Management Console under /carbon/ndatasource/validateconnection/ajaxprocessor.jsp via the driver parameter. Session hijacking or similar attacks wo...
Wso2 Enterprise Integrator 6.4.0
6.1
CVSSv3
CVE-2020-27885
Cross-Site Scripting (XSS) vulnerability on WSO2 API Manager 3.1.0. By exploiting a Cross-site scripting vulnerability the attacker can hijack a logged-in user’s session by stealing cookies which means that a malicious hacker can change the logged-in user’s password a...
Wso2 Api Manager 3.1.0
5.4
CVSSv3
CVE-2018-20736
An issue exists in WSO2 API Manager 2.1.0 and 2.6.0. A DOM-based XSS exists in the store part of the product.
Wso2 Api Manager 2.6.0
6.1
CVSSv3
CVE-2022-39809
An issue exists in WSO2 Enterprise Integrator 6.4.0. A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Management Console under /carbon/mediation_secure_vault/properties/ajaxprocessor.jsp via the name parameter. Session hijacking or similar attacks w...
Wso2 Enterprise Integrator 6.4.0
6.1
CVSSv3
CVE-2019-19587
In WSO2 Enterprise Integrator 6.5.0, reflected XSS occurs when updating the message processor configuration from the source view in the Management Console.
Wso2 Enterprise Integrator 6.5.0
4.8
CVSSv3
CVE-2019-20434
An issue exists in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Datasource creation page of the Management Console.
Wso2 Api Manager 2.6.0
4.8
CVSSv3
CVE-2019-20435
An issue exists in WSO2 API Manager 2.6.0. A reflected XSS attack could be performed in the inline API documentation editor page of the API Publisher by sending an HTTP GET request with a harmful docName request parameter.
Wso2 Api Manager 2.6.0
4.8
CVSSv3
CVE-2019-20438
An issue exists in WSO2 API Manager 2.6.0. A potential stored Cross-Site Scripting (XSS) vulnerability has been identified in the inline API documentation editor page of the API Publisher.
Wso2 Api Manager 2.6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »