Filtered by vendor Wso2
Subscriptions
Total
86 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-18881 | 1 Wso2 | 1 Identity Server | 2024-11-21 | 6.1 Medium |
| WSO2 IS as Key Manager 5.7.0 allows unauthenticated reflected XSS in the dashboard user profile. | ||||
| CVE-2019-15108 | 1 Wso2 | 1 Api Manager | 2024-11-21 | 4.8 Medium |
| An issue was discovered in WSO2 API Manager 2.6.0 before WSO2-CARBON-PATCH-4.4.0-4457. There is XSS via a crafted filename to the file-upload feature of the event simulator component. | ||||
| CVE-2019-10797 | 1 Wso2 | 1 Transport-http | 2024-11-21 | 6.5 Medium |
| Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled. | ||||
| CVE-2018-8716 | 1 Wso2 | 1 Identity Server | 2024-11-21 | N/A |
| WSO2 Identity Server before 5.5.0 has XSS via the dashboard, allowing attacks by low-privileged attackers. | ||||
| CVE-2018-20737 | 1 Wso2 | 3 Api Manager, Identity Server, Identity Server As Key Manager | 2024-11-21 | N/A |
| An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. Reflected XSS exists in the carbon part of the product. | ||||
| CVE-2018-20736 | 1 Wso2 | 1 Api Manager | 2024-11-21 | N/A |
| An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. A DOM-based XSS exists in the store part of the product. | ||||