2 matches found
CVE-2017-14651
Summary: CVE-2017-14651 affects WSO2 Data Analytics Server 3.1.0. The vulnerability is a cross-site scripting (XSS) flaw in carbon/resources/add_collection_ajaxprocessor.jsp, exploitable via the collectionName or parentPath parameters. Exploitation could cause injected scripts to run in a victim’...
CVE-2023-6911
CVE-2023-6911 affects WSO2 products, with the root cause described as improper output encoding in the Registry feature of the Management Console, enabling a Stored Cross Site Scripting (XSS) payload injection. The issue is documented across multiple sources (including Red Hat, Veracode, GHSA/osv ...