Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/06/04 5:14 p.m.31 views

CVE-2024-8008

A reflected cross-site scripting XSS vulnerability exists in multiple WSO2 products due to insufficient output encoding in error messages generated by the JDBC user store connection validation request. A malicious actor can inject a specially crafted payload into the request, causing the browser ...

5.2CVSS5.2AI score0.00452EPSS
Exploits0References1
OSV
OSV
added 2025/06/02 6:30 p.m.6 views

GHSA-XPXP-R8HF-WGF6 WSO2 products vulnerable to Cross-site Scripting

A reflected cross-site scripting XSS vulnerability exists in multiple WSO2 products due to insufficient output encoding in error messages generated by the JDBC user store connection validation request. A malicious actor can inject a specially crafted payload into the request, causing the browser ...

5.2CVSS6AI score0.00452EPSS
Exploits0References4
OSV
OSV
added 2025/06/02 5:15 p.m.7 views

CVE-2024-8008

A reflected cross-site scripting XSS vulnerability exists in multiple WSO2 products due to insufficient output encoding in error messages generated by the JDBC user store connection validation request. A malicious actor can inject a specially crafted payload into the request, causing the browser ...

5.2CVSS6AI score
Exploits0References1
CVE
CVE
added 2025/06/02 4:48 p.m.82 views

CVE-2024-8008

CVE-2024-8008 is a reflected Cross-Site Scripting (XSS) vulnerability in multiple WSO2 products caused by insufficient output encoding in error messages from the JDBC user store connection validation request. An attacker can craft a request payload that triggers JavaScript execution in the victim...

5.2CVSS5.2AI score0.00452EPSS
Exploits0References1Affected Software6
Cvelist
Cvelist
added 2025/06/02 4:48 p.m.25 views

CVE-2024-8008 Reflected Cross-Site Scripting (XSS) in Multiple WSO2 Products via JDBC User Store Connection Validation

A reflected cross-site scripting XSS vulnerability exists in multiple WSO2 products due to insufficient output encoding in error messages generated by the JDBC user store connection validation request. A malicious actor can inject a specially crafted payload into the request, causing the browser ...

5.2CVSS0.00452EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/02 12:0 a.m.10 views

PT-2025-23539

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description A reflected cross-site scripting XSS issue exists due to insufficient output encoding in error messages generated by the JDBC user store connection validation request. This allows a malicious...

5.2CVSS5.7AI score0.00452EPSS
Exploits0References10
Rows per page
Query Builder