Vulnerabilities > Wso2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-28 | CVE-2019-20441 | Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 3.5 |
| 2020-01-28 | CVE-2019-20440 | Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 3.5 |
| 2019-12-05 | CVE-2019-19587 | Cross-site Scripting vulnerability in Wso2 Enterprise Integrator 6.5.0 In WSO2 Enterprise Integrator 6.5.0, reflected XSS occurs when updating the message processor configuration from the source view in the Management Console. | 4.3 |
| 2019-11-12 | CVE-2019-18882 | Cross-site Scripting vulnerability in Wso2 Identity Server 5.7.0 WSO2 IS as Key Manager 5.7.0 allows stored XSS in download-userinfo.jag because Content-Type is mishandled. | 4.3 |
| 2019-11-12 | CVE-2019-18881 | Cross-site Scripting vulnerability in Wso2 Identity Server 5.7.0 WSO2 IS as Key Manager 5.7.0 allows unauthenticated reflected XSS in the dashboard user profile. | 4.3 |
| 2019-08-16 | CVE-2019-15108 | Cross-site Scripting vulnerability in Wso2 API Manager An issue was discovered in WSO2 API Manager 2.6.0 before WSO2-CARBON-PATCH-4.4.0-4457. | 4.8 |
| 2019-05-21 | CVE-2019-6513 | Unrestricted Upload of File with Dangerous Type vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 5.5 |
| 2019-05-14 | CVE-2019-6516 | Server-Side Request Forgery (SSRF) vulnerability in Wso2 Dashboard Server 2.0.0 An issue was discovered in WSO2 Dashboard Server 2.0.0. | 5.0 |
| 2019-05-14 | CVE-2019-6515 | Unspecified vulnerability in Wso2 API Manager 2.6.0 An issue was discovered in WSO2 API Manager 2.6.0. | 5.0 |
| 2019-05-14 | CVE-2019-6514 | Cross-site Scripting vulnerability in Wso2 Dashboard Server 2.0.0 An issue was discovered in WSO2 Dashboard Server 2.0.0. | 3.5 |