Lucene search
+L

4 matches found

NVD
NVD
added 2025/05/22 8:15 p.m.14 views

CVE-2024-5962

A reflected cross-site scripting XSS vulnerability exists in the authentication endpoint of multiple WSO2 products due to missing output encoding of user-supplied input. A malicious actor can exploit this vulnerability to inject arbitrary JavaScript into the authentication flow, potentially leadi...

6.1CVSS0.00223EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/22 7:34 p.m.17 views

CVE-2024-5962 Reflected Cross-Site Scripting (XSS) in Authentication Endpoint of Multiple WSO2 Products Due to Missing Output Encoding

A reflected cross-site scripting XSS vulnerability exists in the authentication endpoint of multiple WSO2 products due to missing output encoding of user-supplied input. A malicious actor can exploit this vulnerability to inject arbitrary JavaScript into the authentication flow, potentially leadi...

6.1CVSS0.00223EPSS
Exploits0References1
CVE
CVE
added 2025/05/22 7:34 p.m.58 views

CVE-2024-5962

CVE-2024-5962 is a reflected XSS in the authentication endpoint of multiple WSO2 products (e.g., WSO2 API Manager and WSO2 Identity Server) caused by missing output encoding of user input. The vulnerability can lead to arbitrary JavaScript execution in the authentication flow, potentially modifyi...

6.1CVSS6.2AI score0.00223EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2025/05/22 7:34 p.m.7 views

CVE-2024-5962 Reflected Cross-Site Scripting (XSS) in Authentication Endpoint of Multiple WSO2 Products Due to Missing Output Encoding

A reflected cross-site scripting XSS vulnerability exists in the authentication endpoint of multiple WSO2 products due to missing output encoding of user-supplied input. A malicious actor can exploit this vulnerability to inject arbitrary JavaScript into the authentication flow, potentially leadi...

6.1CVSS6.2AI score0.00223EPSS
Exploits0References1
Rows per page
Query Builder