Enterprise Integrator@6.4.0 Security Vulnerabilities and Issues — Enterprise Integrator@6.4.0 CVE List

Lucene search

Wso2Enterprise Integrator6.4.0

4 matches found

CVE•added 2022/04/21 2:15 a.m.•710 views

CVE-2022-29548

A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4....

6.1CVSS5.8AI score0.79277EPSS

CVE•added 2022/09/09 5:15 p.m.•301 views

CVE-2022-39810

An issue was discovered in WSO2 Enterprise Integrator 6.4.0. A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Management Console under /carbon/ndatasource/validateconnection/ajaxprocessor.jsp via the driver parameter. Session hijacking or similar attacks would not be ...

6.1CVSS5.9AI score0.05728EPSS

CVE•added 2022/09/09 5:15 p.m.•218 views

CVE-2022-39809

An issue was discovered in WSO2 Enterprise Integrator 6.4.0. A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Management Console under /carbon/mediation_secure_vault/properties/ajaxprocessor.jsp via the name parameter. Session hijacking or similar attacks would not be...

6.1CVSS5.9AI score0.00114EPSS

CVE•added 2023/12/18 9:15 a.m.•53 views

CVE-2023-6911

Multiple WSO2 products have been identified as vulnerable due to improper output encoding, a Stored Cross Site Scripting (XSS) attack can be carried out by an attacker injecting a malicious payload into the Registry feature of the Management Console.

4.8CVSS5AI score0.00347EPSS