Lucene search
K
Wso2Data Analytics Server

7 matches found

CVE
CVE
added 2022/04/21 12:0 a.m.749 views

CVE-2022-29548

CVE-2022-29548 is a reflected Cross-Site Scripting (XSS) vulnerability in the WSO2 Management Console affecting API Manager and related products (e.g., API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0–3.2.0, 4.0.0; API Manager Analytics; API Microgateway; Data Analytics Server; Enterprise Integrator; IS as...

6.1CVSS5.8AI score0.40481EPSS
CVE
CVE
added 2017/09/21 6:0 p.m.92 views

CVE-2017-14651

Summary: CVE-2017-14651 affects WSO2 Data Analytics Server 3.1.0. The vulnerability is a cross-site scripting (XSS) flaw in carbon/resources/add_collection_ajaxprocessor.jsp, exploitable via the collectionName or parentPath parameters. Exploitation could cause injected scripts to run in a victim’...

4.8CVSS4.7AI score0.03836EPSS
Web
CVE
CVE
added 2023/12/18 8:32 a.m.73 views

CVE-2023-6911

CVE-2023-6911 affects WSO2 products, with the root cause described as improper output encoding in the Registry feature of the Management Console, enabling a Stored Cross Site Scripting (XSS) payload injection. The issue is documented across multiple sources (including Red Hat, Veracode, GHSA/osv ...

4.8CVSS5AI score0.00406EPSS
CVE
CVE
added 2020/08/27 12:0 a.m.56 views

CVE-2020-24703

CVE-2020-24703 affects multiple WSO2 products: API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0, Identity Server Analytics 5.5.0, and IoT Server 3.3.0–...

8.8CVSS8.4AI score0.0105EPSS
CVE
CVE
added 2017/10/03 7:0 a.m.53 views

CVE-2017-14995

CVE-2017-14995: A stored XSS vulnerability in the Management Console affects multiple WSO2 products (WSO2 Application Server 5.3.0; WSO2 Business Process Server 3.6.0; WSO2 Business Rules Server 2.2.0; WSO2 Complex Event Processor 4.2.0; WSO2 Dashboard Server 2.0.0; WSO2 Data Analytics Server 3.1...

6.1CVSS5.2AI score0.00635EPSS
CVE
CVE
added 2020/08/27 12:0 a.m.52 views

CVE-2020-24704

CVE-2020-24704 is a reflected XSS vulnerability affecting multiple WSO2 products (API Manager, API Manager Analytics, API Microgateway, Data Analytics Server, Enterprise Integrator, IS as Key Manager, Identity Server/Analytics, and IoT Server) with versions listed in the Initial description. The ...

6.1CVSS6.2AI score0.00722EPSS
CVE
CVE
added 2025/10/16 12:33 p.m.23 views

CVE-2025-9804

The CVE-2025-9804 entry concerns multiple WSO2 products (e.g., API Manager family) with an improper access-control flaw due to insufficient permission enforcement in internal SOAP Admin Services and System REST APIs. The root cause is limited access-control checks on internal interfaces, allowing...

9.6CVSS6.5AI score0.00509EPSS