CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-6835

Multiple WSO2 products have been identified as vulnerable due to lack of server-side input validation in the Forum feature, API rating could be manipulated.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.9%

CVSS Severity

CVSS v3 Score 4.3

References

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2021/WSO2-2021-1357/
https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2021/WSO2-2021-1357/

Products affected by CVE-2023-6835

Wso2 » Api Manager » Version: 2.2.0

cpe:2.3:a:wso2:api_manager:2.2.0
Wso2 » Api Manager » Version: 2.5.0

cpe:2.3:a:wso2:api_manager:2.5.0
Wso2 » Api Manager » Version: 2.6.0

cpe:2.3:a:wso2:api_manager:2.6.0
Wso2 » Iot Server » Version: 3.3.1

cpe:2.3:a:wso2:iot_server:3.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-6835

Products

Pricing

Contact Us