CVE-2020-17453

CVE-2020-17453

EPSS 26.1%

WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/JHHAX/CVE-2020-17453-PoC https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2021/WSO2-2020-1132/https://twitter.com/JacksonHHax/status/1374681422678519813