Lucene search
K
Wso2Api Microgateway

11 matches found

CVE
CVE
added 2022/04/21 12:0 a.m.749 views

CVE-2022-29548

CVE-2022-29548 is a reflected Cross-Site Scripting (XSS) vulnerability in the WSO2 Management Console affecting API Manager and related products (e.g., API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0–3.2.0, 4.0.0; API Manager Analytics; API Microgateway; Data Analytics Server; Enterprise Integrator; IS as...

6.1CVSS5.8AI score0.41078EPSS
Web
CVE
CVE
added 2020/08/21 7:5 p.m.109 views

CVE-2020-24590

The CVE-2020-24590 entry affects the WSO2 API Manager Management Console (versions up to 3.1.0) and API Microgateway (2.2.0). It stems from XML Entity Expansion/XEE in the XML processing path, enabling attackers to cause denial of service or crash the system, with examples indicating unauthentica...

9.1CVSS9.2AI score0.0126EPSS
CVE
CVE
added 2020/06/06 6:49 p.m.105 views

CVE-2020-13883

CVE-2020-13883 affects WSO2 product family: WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, and WSO2 IS as Key Manager 5.9.0 and earlier. The vulnerability is an XML External Entity (XXE) flaw in the Management Console during the addition or update of a Lifecycle. Connected sourc...

6.7CVSS6.5AI score0.008EPSS
CVE
CVE
added 2020/05/07 11:40 p.m.98 views

CVE-2020-12719

CVE-2020-12719 describes an XXE condition that can occur during an EventPublisher update in the Management Console of several WSO2 products. Affected products and versions include WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integ...

8.7CVSS6.9AI score0.01034EPSS
CVE
CVE
added 2021/04/05 12:0 a.m.95 views

CVE-2020-17453

WSO2 Carbon Management Console

6.1CVSS5.9AI score0.26118EPSS
In wildWeb
CVE
CVE
added 2020/08/21 7:6 p.m.94 views

CVE-2020-24589

CVE-2020-24589 affects WSO2 API Manager up to 3.1.0 and API Microgateway 2.2.0 with XML External Entity (XXE) injection in the Management Console. The vulnerability arises from improper XML parsing, potentially allowing access to server files and interaction with backend systems. In practice, CVE...

9.1CVSS9.3AI score0.26939EPSS
In wild
CVE
CVE
added 2020/08/21 7:5 p.m.76 views

CVE-2020-24591

The CVE concerns an XML External Entity (XXE) vulnerability in the Management Console of several WSO2 products during EventReceiver updates. Affected are API Manager up to 3.0.0; API Manager Analytics 2.2.0 and 2.5.0; API Microgateway 2.2.0; Enterprise Integrator 6.2.0 and 6.3.0; and Identity Ser...

6.5CVSS6.4AI score0.01033EPSS
CVE
CVE
added 2023/12/18 8:32 a.m.73 views

CVE-2023-6911

CVE-2023-6911 affects WSO2 products, with the root cause described as improper output encoding in the Registry feature of the Management Console, enabling a Stored Cross Site Scripting (XSS) payload injection. The issue is documented across multiple sources (including Red Hat, Veracode, GHSA/osv ...

4.8CVSS5AI score0.00406EPSS
CVE
CVE
added 2023/12/15 9:26 a.m.65 views

CVE-2023-6836

CVE-2023-6836 refers to an XML External Entity (XXE) vulnerability affecting multiple WSO2 products (notably WSO2 API Manager). The underlying issue is an XML parser feature that can be abused to access sensitive information. The CVSS data in the initial document shows a high impact with network ...

7.5CVSS7.6AI score0.00482EPSS
CVE
CVE
added 2020/08/27 12:0 a.m.57 views

CVE-2020-24703

CVE-2020-24703 affects multiple WSO2 products: API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0, Identity Server Analytics 5.5.0, and IoT Server 3.3.0–...

8.8CVSS8.4AI score0.0105EPSS
CVE
CVE
added 2020/08/27 12:0 a.m.52 views

CVE-2020-24704

CVE-2020-24704 is a reflected XSS vulnerability affecting multiple WSO2 products (API Manager, API Manager Analytics, API Microgateway, Data Analytics Server, Enterprise Integrator, IS as Key Manager, Identity Server/Analytics, and IoT Server) with versions listed in the Initial description. The ...

6.1CVSS6.2AI score0.00722EPSS