Multiple WSO2 products have been identified as vulnerable due to an XML External Entity (XXE) attack abuses a widely available but rarely used feature of XML parsers to access sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wso2 api manager |
||
wso2 api manager analytics 2.2.0 |
||
wso2 api manager analytics 2.5.0 |
||
wso2 api microgateway 2.2.0 |
||
wso2 enterprise integrator |
||
wso2 identity server as key manager 5.7.0 |
||
wso2 identity server as key manager 5.6.0 |
||
wso2 identity server as key manager 5.9.0 |
||
wso2 identity server as key manager 5.0.0 |
||
wso2 identity server 5.5.0 |
||
wso2 identity server 5.6.0 |
||
wso2 identity server 5.4.0 |
||
wso2 identity server 5.4.1 |
||
wso2 micro integrator 1.0.0 |