Api Microgateway Security Vulnerabilities and Issues — Api Microgateway CVE List

Lucene search

Wso2Api Microgateway

5 matches found

CVE•added 2022/04/21 2:15 a.m.•710 views

CVE-2022-29548

A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4....

6.1CVSS5.8AI score0.79277EPSS

CVE•added 2020/06/06 7:15 p.m.•88 views

CVE-2020-13883

In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, and WSO2 IS as Key Manager 5.9.0 and earlier, Management Console allows XXE during addition or update of a Lifecycle.

6.7CVSS6.5AI score0.00279EPSS

CVE•added 2021/04/05 10:15 p.m.•58 views

CVE-2020-17453

WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter.

6.1CVSS5.9AI score0.76253EPSS

CVE•added 2020/08/21 8:15 p.m.•55 views

CVE-2020-24591

The Management Console in certain WSO2 products allows XXE attacks during EventReceiver updates. This affects API Manager through 3.0.0, API Manager Analytics 2.2.0 and 2.5.0, API Microgateway 2.2.0, Enterprise Integrator 6.2.0 and 6.3.0, and Identity Server Analytics through 5.6.0.

6.5CVSS6.4AI score0.00403EPSS

CVE•added 2020/08/27 4:15 p.m.•34 views

CVE-2020-24704

An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0, Id...

6.1CVSS6.2AI score0.00187EPSS