Api Manager Security Vulnerabilities and Issues — Api Manager CVE List

Lucene search

Wso2Api Manager

6 matches found

CVE•added 2019/05/14 3:29 p.m.•51 views

CVE-2019-6515

An issue was discovered in WSO2 API Manager 2.6.0. Uploaded documents for API documentation are available to an unauthenticated user.

5.3CVSS5.3AI score0.0072EPSS

CVE•added 2023/12/15 11:15 a.m.•43 views

CVE-2023-6839

Due to improper error handling, a REST API resource could expose a server side error containing an internal WSO2 specific package name in the HTTP response.

5.3CVSS5.2AI score0.00295EPSS

CVE•added 2019/05/21 10:29 p.m.•38 views

CVE-2019-6513

An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one.

5.5CVSS5.4AI score0.00326EPSS

CVE•added 2023/12/15 10:15 a.m.•36 views

CVE-2023-6835

Multiple WSO2 products have been identified as vulnerable due to lack of server-side input validation in the Forum feature, API rating could be manipulated.

5.3CVSS5.3AI score0.00246EPSS

CVE•added 2019/03/21 4:0 p.m.•30 views

CVE-2018-20737

An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. Reflected XSS exists in the carbon part of the product.

5.4CVSS5.2AI score0.00324EPSS

CVE•added 2019/03/21 4:0 p.m.•18 views

CVE-2018-20736

An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. A DOM-based XSS exists in the store part of the product.

5.4CVSS5.2AI score0.00318EPSS