CVE-2019-20438

CVSS 4.8 MEDIUMEPSS 0.8%

An issue was discovered in WSO2 API Manager 2.6.0. A potential stored Cross-Site Scripting (XSS) vulnerability has been identified in the inline API documentation editor page of the API Publisher.

CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:H/S:C/UI:R

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://cybersecurityworks.com/zerodays/cve-2019-20438-wso2.html https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0645 https://github.com/cybersecurityworks/Disclosed/issues/22