Wso2: >> Enterprise Integrator Security Vulnerabilities
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. A potential stored Cross-Site Scripting (XSS) vulnerability in mediaType has been identified in the registry UI.
CVSS Score
3.5
EPSS Score
0.005
Published
2020-01-28
In WSO2 Enterprise Integrator 6.5.0, reflected XSS occurs when updating the message processor configuration from the source view in the Management Console.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-12-05
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter.
CVSS Score
4.8
EPSS Score
0.093
Published
2017-09-21
Page 3