Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:35 a.m.10 views

CVE-2020-24705

An issue was discovered in certain WSO2 products. A valid Carbon Management Console session cookie may be sent to an attacker-controlled server if the victim submits a crafted Try It request, aka Session Hijacking. This affects API Manager through 3.1.0, API Manager Analytics 2.5.0, IS as Key...

8.8CVSS6.6AI score0.0105EPSS
Exploits0References1
NVD
NVD
added 2020/08/27 4:15 p.m.25 views

CVE-2020-24705

An issue was discovered in certain WSO2 products. A valid Carbon Management Console session cookie may be sent to an attacker-controlled server if the victim submits a crafted Try It request, aka Session Hijacking. This affects API Manager through 3.1.0, API Manager Analytics 2.5.0, IS as Key...

8.8CVSS8.5AI score0.0105EPSS
Exploits0References1
CVE
CVE
added 2020/08/27 12:0 a.m.56 views

CVE-2020-24705

CVE-2020-24705 describes a session hijacking vulnerability in several WSO2 products where a valid Carbon Management Console session cookie can be sent to an attacker-controlled server after a crafted Try It request. Affected are WSO2 API Manager (through 3.1.0), API Manager Analytics (2.5.0), IS ...

8.8CVSS8.4AI score0.0105EPSS
Exploits0References1Affected Software6
Cvelist
Cvelist
added 2020/08/27 12:0 a.m.29 views

CVE-2020-24705

An issue was discovered in certain WSO2 products. A valid Carbon Management Console session cookie may be sent to an attacker-controlled server if the victim submits a crafted Try It request, aka Session Hijacking. This affects API Manager through 3.1.0, API Manager Analytics 2.5.0, IS as Key...

8.8CVSS8.5AI score0.0105EPSS
Exploits0References1
Rows per page
Query Builder