5 matches found
Cross site scripting
An issue was discovered in WSO2 Enterprise Integrator 6.4.0. A Reflected Cross-Site Scripting XSS vulnerability has been identified in the Management Console under /carbon/ndatasource/validateconnection/ajaxprocessor.jsp via the driver parameter. Session hijacking or similar attacks would not be...
WSO2 Enterprise Integrator 跨站脚本漏洞
WSO2 Enterprise Integrator is the United States WSO2 company's set of open source hybrid integration platform. The platform supports communication between multiple applications. A security vulnerability exists in WSO2 Enterprise Integrator version 6.4.0, which stems from reflective cross-site...
GHSA-MJWW-VQQW-V78Q WSO2 Carbon directory traversal vulnerability
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...
CVE-2016-4314
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...
Directory traversal
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...