Vulnerabilities > Wso2 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-29 | CVE-2020-27885 | Cross-site Scripting vulnerability in Wso2 API Manager 3.1.0 Cross-Site Scripting (XSS) vulnerability on WSO2 API Manager 3.1.0. | 4.3 |
| 2020-10-21 | CVE-2020-17454 | Cross-site Scripting vulnerability in Wso2 API Manager WSO2 API Manager 3.1.0 and earlier has reflected XSS on the "publisher" component's admin interface. | 4.3 |
| 2020-08-27 | CVE-2020-24706 | Cross-site Scripting vulnerability in Wso2 products An issue was discovered in certain WSO2 products. | 6.1 |
| 2020-08-27 | CVE-2020-24704 | Cross-site Scripting vulnerability in Wso2 products An issue was discovered in certain WSO2 products. | 6.1 |
| 2020-08-21 | CVE-2020-24591 | XXE vulnerability in Wso2 products The Management Console in certain WSO2 products allows XXE attacks during EventReceiver updates. | 5.5 |
| 2020-08-21 | CVE-2020-24590 | XML Entity Expansion vulnerability in Wso2 API Manager and API Microgateway The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML Entity Expansion attacks. | 6.4 |
| 2020-08-21 | CVE-2020-24589 | XML Entity Expansion vulnerability in Wso2 API Manager and API Microgateway The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML External Entity injection (XXE) attacks. | 6.4 |
| 2020-06-18 | CVE-2020-14446 | Open Redirect vulnerability in Wso2 Identity Server and Identity Server AS KEY Manager An issue was discovered in WSO2 Identity Server through 5.10.0 and WSO2 IS as Key Manager through 5.10.0. | 6.1 |
| 2020-06-18 | CVE-2020-14445 | Cross-site Scripting vulnerability in Wso2 Identity Server and Identity Server AS KEY Manager An issue was discovered in WSO2 Identity Server through 5.9.0 and WSO2 IS as Key Manager through 5.9.0. | 5.4 |
| 2020-06-18 | CVE-2020-14444 | Cross-site Scripting vulnerability in Wso2 Identity Server and Identity Server AS KEY Manager An issue was discovered in WSO2 Identity Server through 5.9.0 and WSO2 IS as Key Manager through 5.9.0. | 5.4 |