GHSA-CMJC-QP7J-XGWR WSO2 carbon-apimgt affected by an authenticated stored cross-site scripting (XSS) vulnerability

An authenticated stored Cross-Site Scripting XSS vulnerability exists in WSO2 API Manager components carbon-apimgt due to insufficient validation of user-supplied input during API document upload in the Publisher portal. A user with publisher privileges can upload a crafted API document whose...