Vulnerabilities > Wso2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-17 | CVE-2020-11885 | XXE vulnerability in Wso2 Enterprise Integrator WSO2 Enterprise Integrator through 6.6.0 has an XXE vulnerability where a user (with admin console access) can use the XML validator to make unintended network invocations such as SSRF via an uploaded file. | 6.5 |
2020-02-19 | CVE-2019-10797 | Unspecified vulnerability in Wso2 Transport-Http Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled. network wso2 | 4.3 |
2020-01-28 | CVE-2019-20439 | Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 4.8 |
2020-01-28 | CVE-2019-20438 | Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 3.5 |
2020-01-28 | CVE-2019-20437 | Cross-site Scripting vulnerability in Wso2 API Manager and Identity Server An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. | 6.1 |
2020-01-28 | CVE-2019-20436 | Cross-site Scripting vulnerability in Wso2 API Manager and Identity Server An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. | 6.1 |
2020-01-28 | CVE-2019-20435 | Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 4.8 |
2020-01-28 | CVE-2019-20434 | Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 4.8 |
2020-01-28 | CVE-2019-20443 | Cross-site Scripting vulnerability in Wso2 API Manager, Enterprise Integrator and Identity Server An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. | 3.5 |
2020-01-28 | CVE-2019-20442 | Cross-site Scripting vulnerability in Wso2 API Manager, Enterprise Integrator and Identity Server An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. | 3.5 |