WSO2 carbon-apimgt affected by an authenticated stored cross-site scripting (XSS) vulnerability

An authenticated stored Cross-Site Scripting XSS vulnerability exists in WSO2 API Manager components carbon-apimgt due to insufficient validation of user-supplied input during API document upload in the Publisher portal. A user with publisher privileges can upload a crafted API document whose...

WSO2 Identity Server 安全漏洞

WSO2 Identity Server IS is an identity server from the US-based WSO2, Inc. A security vulnerability exists in WSO2 Identity Server IS that originates from a failure to properly validate user input during API document uploads, which could lead to a stored cross-site scripting attack...