Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Wso2Api Manager3.1.0

3 matches found

CVE
CVEadded 2023/12/18 9:15 a.m.53 views

CVE-2023-6911

Multiple WSO2 products have been identified as vulnerable due to improper output encoding, a Stored Cross Site Scripting (XSS) attack can be carried out by an attacker injecting a malicious payload into the Registry feature of the Management Console.

4.8CVSS5AI score0.00347EPSS
CVE
CVEadded 2023/12/15 11:15 a.m.43 views

CVE-2023-6839

Due to improper error handling, a REST API resource could expose a server side error containing an internal WSO2 specific package name in the HTTP response.

5.3CVSS5.2AI score0.00295EPSS
CVE
CVEadded 2023/12/15 10:15 a.m.31 views

CVE-2023-6838

Reflected XSS vulnerability can be exploited by tampering a request parameter in Authentication Endpoint. This can be performed in both authenticated and unauthenticated requests.

6.1CVSS6AI score0.00593EPSS