Lucene search
K
Wso2Micro Integrator

5 matches found

CVE
CVE
added 2022/04/21 12:0 a.m.751 views

CVE-2022-29548

CVE-2022-29548 is a reflected Cross-Site Scripting (XSS) vulnerability in the WSO2 Management Console affecting API Manager and related products (e.g., API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0–3.2.0, 4.0.0; API Manager Analytics; API Microgateway; Data Analytics Server; Enterprise Integrator; IS as...

6.1CVSS5.8AI score0.41078EPSS
CVE
CVE
added 2021/04/05 12:0 a.m.95 views

CVE-2020-17453

WSO2 Carbon Management Console

6.1CVSS5.9AI score0.26118EPSS
In wild
CVE
CVE
added 2023/12/15 9:26 a.m.68 views

CVE-2023-6836

CVE-2023-6836 refers to an XML External Entity (XXE) vulnerability affecting multiple WSO2 products (notably WSO2 API Manager). The underlying issue is an XML parser feature that can be abused to access sensitive information. The CVSS data in the initial document shows a high impact with network ...

7.5CVSS7.6AI score0.00482EPSS
CVE
CVE
added 2025/11/05 6:31 p.m.38 views

CVE-2025-11093

An Arbitrary Code Execution vulnerability (CVE-2025-11093) affects multiple WSO2 products due to insufficient restrictions in GraalJS and NashornJS Script Mediator engines. The issue can be triggered by authenticated users with elevated privileges, potentially executing code within the integratio...

8.4CVSS7.5AI score0.00429EPSS
CVE
CVE
added 2025/09/23 10:39 a.m.18 views

CVE-2024-4598

CVE-2024-4598 concerns information disclosure in multiple WSO2 products caused by an improper implementation of the enrich mediator. Authenticated users may see unintended business data from other mediation contexts because the internal state is not properly isolated or cleared between executions...

6.5CVSS5.8AI score0.00299EPSS