CVE-2019-15108

2019-08-1604:15:10

Google

osv.dev

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

An issue was discovered in WSO2 API Manager 2.6.0 before WSO2-CARBON-PATCH-4.4.0-4457. There is XSS via a crafted filename to the file-upload feature of the event simulator component.

References

docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0597