CVE-2018-20737

CVE-2018-20737

EPSS 1.0%

An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. Reflected XSS exists in the carbon part of the product.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/wso2-extensions/identity-inbound-auth-oauth/pull/978/files https://wso2.com/security-patch-releases/api-manager https://www.excellium-services.com/cert-xlm-advisory/cve-2018-20737/