org.wso2.carbon:org.wso2.carbon.ui is vulnerable to reflected cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary Javascript through the uri
parameter in the decode
function.
CPE | Name | Operator | Version |
---|---|---|---|
wso2 carbon - ui | le | 4.5.3 | |
wso2 carbon - ui | le | 4.5.3 |