CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-24706

An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager through 3.1.0, API Manager Analytics 2.5.0, IS as Key Manager through 5.10.0, Identity Server through 5.10.0, Identity Server Analytics through 5.6.0, and IoT Server 3.1.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.3%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2020-24706

Wso2 » Api Manager » Version: N/A

cpe:2.3:a:wso2:api_manager:-
Wso2 » Api Manager » Version: 1.0.0

cpe:2.3:a:wso2:api_manager:1.0.0
Wso2 » Api Manager » Version: 1.1.1

cpe:2.3:a:wso2:api_manager:1.1.1
Wso2 » Api Manager » Version: 1.10.0

cpe:2.3:a:wso2:api_manager:1.10.0
Wso2 » Api Manager » Version: 1.2.0

cpe:2.3:a:wso2:api_manager:1.2.0
Wso2 » Api Manager » Version: 1.3.0

cpe:2.3:a:wso2:api_manager:1.3.0
Wso2 » Api Manager » Version: 1.3.1

cpe:2.3:a:wso2:api_manager:1.3.1
Wso2 » Api Manager » Version: 1.4.0

cpe:2.3:a:wso2:api_manager:1.4.0
Wso2 » Api Manager » Version: 1.5.0

cpe:2.3:a:wso2:api_manager:1.5.0
Wso2 » Api Manager » Version: 1.6.0

cpe:2.3:a:wso2:api_manager:1.6.0
Wso2 » Api Manager » Version: 1.7.0

cpe:2.3:a:wso2:api_manager:1.7.0
Wso2 » Api Manager » Version: 1.8.0

cpe:2.3:a:wso2:api_manager:1.8.0
Wso2 » Api Manager » Version: 1.9.0

cpe:2.3:a:wso2:api_manager:1.9.0
Wso2 » Api Manager » Version: 1.9.1

cpe:2.3:a:wso2:api_manager:1.9.1
Wso2 » Api Manager » Version: 2.0.0

cpe:2.3:a:wso2:api_manager:2.0.0
Wso2 » Api Manager » Version: 2.1.0

cpe:2.3:a:wso2:api_manager:2.1.0
Wso2 » Api Manager » Version: 2.2.0

cpe:2.3:a:wso2:api_manager:2.2.0
Wso2 » Api Manager » Version: 2.5.0

cpe:2.3:a:wso2:api_manager:2.5.0
Wso2 » Api Manager » Version: 2.6.0

cpe:2.3:a:wso2:api_manager:2.6.0
Wso2 » Api Manager » Version: 3.0.0

cpe:2.3:a:wso2:api_manager:3.0.0
Wso2 » Api Manager » Version: 3.1.0

cpe:2.3:a:wso2:api_manager:3.1.0
Wso2 » Api Manager Analytics » Version: 2.5.0

cpe:2.3:a:wso2:api_manager_analytics:2.5.0
Wso2 » Identity Server » Version: 1.5.0

cpe:2.3:a:wso2:identity_server:1.5.0
Wso2 » Identity Server » Version: 2.0.0

cpe:2.3:a:wso2:identity_server:2.0.0
Wso2 » Identity Server » Version: 2.0.1

cpe:2.3:a:wso2:identity_server:2.0.1
Wso2 » Identity Server » Version: 2.0.2

cpe:2.3:a:wso2:identity_server:2.0.2
Wso2 » Identity Server » Version: 2.0.3

cpe:2.3:a:wso2:identity_server:2.0.3
Wso2 » Identity Server » Version: 3.0.0

cpe:2.3:a:wso2:identity_server:3.0.0
Wso2 » Identity Server » Version: 3.0.1

cpe:2.3:a:wso2:identity_server:3.0.1
Wso2 » Identity Server » Version: 3.2.0

cpe:2.3:a:wso2:identity_server:3.2.0
Wso2 » Identity Server » Version: 3.2.2

cpe:2.3:a:wso2:identity_server:3.2.2
Wso2 » Identity Server » Version: 3.2.3

cpe:2.3:a:wso2:identity_server:3.2.3
Wso2 » Identity Server » Version: 4.0.0

cpe:2.3:a:wso2:identity_server:4.0.0
Wso2 » Identity Server » Version: 4.1.0

cpe:2.3:a:wso2:identity_server:4.1.0
Wso2 » Identity Server » Version: 4.5.0

cpe:2.3:a:wso2:identity_server:4.5.0
Wso2 » Identity Server » Version: 4.6.0

cpe:2.3:a:wso2:identity_server:4.6.0
Wso2 » Identity Server » Version: 5.0.0

cpe:2.3:a:wso2:identity_server:5.0.0
Wso2 » Identity Server » Version: 5.1.0

cpe:2.3:a:wso2:identity_server:5.1.0
Wso2 » Identity Server » Version: 5.10.0

cpe:2.3:a:wso2:identity_server:5.10.0
Wso2 » Identity Server » Version: 5.2.0

cpe:2.3:a:wso2:identity_server:5.2.0
Wso2 » Identity Server » Version: 5.3.0

cpe:2.3:a:wso2:identity_server:5.3.0
Wso2 » Identity Server » Version: 5.4.0

cpe:2.3:a:wso2:identity_server:5.4.0
Wso2 » Identity Server » Version: 5.4.1

cpe:2.3:a:wso2:identity_server:5.4.1
Wso2 » Identity Server » Version: 5.5.0

cpe:2.3:a:wso2:identity_server:5.5.0
Wso2 » Identity Server » Version: 5.6.0

cpe:2.3:a:wso2:identity_server:5.6.0
Wso2 » Identity Server » Version: 5.7.0

cpe:2.3:a:wso2:identity_server:5.7.0
Wso2 » Identity Server » Version: 5.8.0

cpe:2.3:a:wso2:identity_server:5.8.0
Wso2 » Identity Server » Version: 5.9.0

cpe:2.3:a:wso2:identity_server:5.9.0
Wso2 » Identity Server Analytics » Version: N/A

cpe:2.3:a:wso2:identity_server_analytics:-
Wso2 » Identity Server Analytics » Version: 5.4.0

cpe:2.3:a:wso2:identity_server_analytics:5.4.0
Wso2 » Identity Server Analytics » Version: 5.4.1

cpe:2.3:a:wso2:identity_server_analytics:5.4.1
Wso2 » Identity Server Analytics » Version: 5.5.0

cpe:2.3:a:wso2:identity_server_analytics:5.5.0
Wso2 » Identity Server Analytics » Version: 5.6.0

cpe:2.3:a:wso2:identity_server_analytics:5.6.0
Wso2 » Identity Server As Key Manager » Version: N/A

cpe:2.3:a:wso2:identity_server_as_key_manager:-
Wso2 » Identity Server As Key Manager » Version: 1.10.0

cpe:2.3:a:wso2:identity_server_as_key_manager:1.10.0
Wso2 » Identity Server As Key Manager » Version: 1.9.0

cpe:2.3:a:wso2:identity_server_as_key_manager:1.9.0
Wso2 » Identity Server As Key Manager » Version: 1.9.1

cpe:2.3:a:wso2:identity_server_as_key_manager:1.9.1
Wso2 » Identity Server As Key Manager » Version: 2.0.0

cpe:2.3:a:wso2:identity_server_as_key_manager:2.0.0
Wso2 » Identity Server As Key Manager » Version: 2.1.0

cpe:2.3:a:wso2:identity_server_as_key_manager:2.1.0
Wso2 » Identity Server As Key Manager » Version: 2.2.0

cpe:2.3:a:wso2:identity_server_as_key_manager:2.2.0
Wso2 » Identity Server As Key Manager » Version: 2.5.0

cpe:2.3:a:wso2:identity_server_as_key_manager:2.5.0
Wso2 » Identity Server As Key Manager » Version: 2.6.0

cpe:2.3:a:wso2:identity_server_as_key_manager:2.6.0
Wso2 » Identity Server As Key Manager » Version: 3.0.0

cpe:2.3:a:wso2:identity_server_as_key_manager:3.0.0
Wso2 » Identity Server As Key Manager » Version: 3.1.0

cpe:2.3:a:wso2:identity_server_as_key_manager:3.1.0
Wso2 » Identity Server As Key Manager » Version: 5.0.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.0.0
Wso2 » Identity Server As Key Manager » Version: 5.1.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.1.0
Wso2 » Identity Server As Key Manager » Version: 5.10.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0
Wso2 » Identity Server As Key Manager » Version: 5.2.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.2.0
Wso2 » Identity Server As Key Manager » Version: 5.3.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.3.0
Wso2 » Identity Server As Key Manager » Version: 5.4.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.4.0
Wso2 » Identity Server As Key Manager » Version: 5.4.1

cpe:2.3:a:wso2:identity_server_as_key_manager:5.4.1
Wso2 » Identity Server As Key Manager » Version: 5.5.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.5.0
Wso2 » Identity Server As Key Manager » Version: 5.6.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.6.0
Wso2 » Identity Server As Key Manager » Version: 5.7.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.7.0
Wso2 » Identity Server As Key Manager » Version: 5.8.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.8.0
Wso2 » Identity Server As Key Manager » Version: 5.9.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.9.0
Wso2 » Iot Server » Version: 3.1.0

cpe:2.3:a:wso2:iot_server:3.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-24706

Products

Pricing

Contact Us