Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
api manager vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-6515
An issue exists in WSO2 API Manager 2.6.0. Uploaded documents for API documentation are available to an unauthenticated user.
Wso2 Api Manager 2.6.0
3.5
CVSSv2
CVE-2018-20736
An issue exists in WSO2 API Manager 2.1.0 and 2.6.0. A DOM-based XSS exists in the store part of the product.
Wso2 Api Manager 2.6.0
4.3
CVSSv2
CVE-2020-27885
Cross-Site Scripting (XSS) vulnerability on WSO2 API Manager 3.1.0. By exploiting a Cross-site scripting vulnerability the attacker can hijack a logged-in user’s session by stealing cookies which means that a malicious hacker can change the logged-in user’s password a...
Wso2 Api Manager 3.1.0
3.5
CVSSv2
CVE-2019-20435
An issue exists in WSO2 API Manager 2.6.0. A reflected XSS attack could be performed in the inline API documentation editor page of the API Publisher by sending an HTTP GET request with a harmful docName request parameter.
Wso2 Api Manager 2.6.0
3.5
CVSSv2
CVE-2019-20439
An issue exists in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in defining a scope in the "manage the API" page of the API Publisher.
Wso2 Api Manager 2.6.0
3.5
CVSSv2
CVE-2019-20441
An issue exists in WSO2 API Manager 2.6.0. A potential Stored Cross-Site Scripting (XSS) vulnerability has been identified in the 'implement phase' of the API Publisher.
Wso2 Api Manager 2.6.0
5
CVSSv2
CVE-2021-22516
Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file.
Microfocus Secure Api Manager 2.0.0
NA
CVE-2023-50092
APIIDA API Gateway Manager for Broadcom Layer7 v2023.2 is vulnerable to Cross Site Scripting (XSS).
Apiida Api Gateway Manager 2023.02.02
NA
CVE-2023-50093
APIIDA API Gateway Manager for Broadcom Layer7 v2023.2.2 is vulnerable to Host Header Injection.
Apiida Api Gateway Manager 2023.02.02
4.3
CVSSv2
CVE-2020-24706
An issue exists in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager up to and including 3.1.0, API Manager Analytics 2.5.0, IS as Key Manager up to and including 5.10.0, Identity Server up to and including 5.10.0, Identity Server Analytics up ...
Wso2 Identity Server Analytics
Wso2 Identity Server As Key Manager
Wso2 Identity Server
Wso2 Api Manager
Wso2 Api Manager Analytics 2.5.0
Wso2 Iot Server 3.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »