← back
CVE-2020-12719

CVE-2020-12719

CVSS 8.7 HIGHEPSS 1.0%
XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0 and earlier, IS as Key Manager 5.9.0 and earlier, Identity Server 5.9.0 and earlier, and Identity Server Analytics 5.6.0 and earlier.
CVSS:3.0/AC:L/AV:N/A:H/C:H/I:N/PR:H/S:C/UI:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0665