Vulnerabilities > Wso2 > API Manager Analytics > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-15 CVE-2023-6836 XXE vulnerability in Wso2 products
Multiple WSO2 products have been identified as vulnerable due to an XML External Entity (XXE) attack abuses a widely available but rarely used feature of XML parsers to access sensitive information.
network
low complexity
wso2 CWE-611
7.5
2020-08-27 CVE-2020-24705 Unspecified vulnerability in Wso2 products
An issue was discovered in certain WSO2 products.
network
low complexity
wso2
8.8
2020-08-27 CVE-2020-24703 Unspecified vulnerability in Wso2 products
An issue was discovered in certain WSO2 products.
network
low complexity
wso2
8.8
2020-05-08 CVE-2020-12719 XXE vulnerability in Wso2 products
XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0 and earlier, IS as Key Manager 5.9.0 and earlier, Identity Server 5.9.0 and earlier, and Identity Server Analytics 5.6.0 and earlier.
network
low complexity
wso2 CWE-611
7.2