CVE-2020-12719

2020-05-0800:15:12

Google

osv.dev

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0 and earlier, IS as Key Manager 5.9.0 and earlier, Identity Server 5.9.0 and earlier, and Identity Server Analytics 5.6.0 and earlier.

CPENameOperatorVersion
product-apimeq1.9.0-Beta
product-apimeq1.10.0-rc3
product-apimeq2.1.0-update7
product-apimeq1.10.0
product-apimeq2.1.0-update12
product-apimeq1.9.0-Alpha
product-apimeq2.1.0-update3
product-apimeqtest-tag-1.9.0-Alpha
product-apimeq2.0.0-rc4
product-apimeq2.1.0-update2

Name	Operator	Version
product-apim	eq	1.9.0-Beta
product-apim	eq	1.10.0-rc3
product-apim	eq	2.1.0-update7
product-apim	eq	1.10.0
product-apim	eq	2.1.0-update12
product-apim	eq	1.9.0-Alpha
product-apim	eq	2.1.0-update3
product-apim	eq	test-tag-1.9.0-Alpha
product-apim	eq	2.0.0-rc4
product-apim	eq	2.1.0-update2