CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-6838

Reflected XSS vulnerability can be exploited by tampering a request parameter in Authentication Endpoint. This can be performed in both authenticated and unauthenticated requests.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.1%

CVSS Severity

CVSS v3 Score 6.1

References

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2021/WSO2-2020-1233/
https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2021/WSO2-2020-1233/

Products affected by CVE-2023-6838

Wso2 » Api Manager » Version: 3.1.0

cpe:2.3:a:wso2:api_manager:3.1.0
Wso2 » Api Manager » Version: 3.2.0

cpe:2.3:a:wso2:api_manager:3.2.0
Wso2 » Identity Server » Version: 5.10.0

cpe:2.3:a:wso2:identity_server:5.10.0
Wso2 » Identity Server As Key Manager » Version: 5.10.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-6838

Products

Pricing

Contact Us