Wso2 Api Manager Vulnerabilities

Authorization Flaw in WSO2 Products Allows Unauthorized User Account Creation

CVE-2024-7097

Wso2Wso2 Open Banking Am4.3MEDIUM

Privilege Escalation Vulnerability in WSO2 Products

CVE-2024-7096

Wso2Wso2 Open Banking Iam4.2MEDIUM

Reflected Cross-Site Scripting Vulnerability in WSO2 Authentication Endpoint

CVE-2024-5962

Wso2Wso2 Api Manager6.1MEDIUM

Authorization Flaw in WSO2 Products Allowing User Account Takeover

CVE-2024-6914

Wso2Wso2 Api Manager8.8HIGH

XML External Entity Vulnerability in WSO2 API Manager

CVE-2025-2905

Wso2Wso2 Api Manager9.1CRITICAL

Reflected Cross-Site Scripting Vulnerability in WSO2 Products

CVE-2024-5848

Wso2Wso2 Api Manager6.1MEDIUM

Authorization Flaw in WSO2 Products Allows Direct API Access

CVE-2024-2321

Wso2Wso2 Api Manager5.6MEDIUM

Stored Cross-Site Scripting Vulnerability in WSO2 Management Console

CVE-2023-6911

WSO2WSO2 API Manager4.8MEDIUM

Improper Error Handling in WSO2 Products Exposing Internal Package Names

CVE-2023-6839

Wso2Wso2 Api Manager5.3MEDIUM

Input Validation Flaw in WSO2 Forum Feature Compromises API Integrity

CVE-2023-6835

WSO2WSO2 API Manager4.3MEDIUM

XML External Entity Vulnerability in WSO2 Products

CVE-2023-6836

WSO2WSO2 API Manager 4.6MEDIUM

User Impersonation Vulnerability in WSO2 Products

CVE-2023-6837

WSO2WSO2 API Manager8.2HIGH

Reflected XSS Vulnerability in WSO2 Products

CVE-2023-6838

WSO2WSO2 API Manager6.1MEDIUM

Cross-Site Scripting Vulnerability in WSO2 API Manager

CVE-2023-31664

Wso2Api Manager👾🟡EPSS 14%6.1MEDIUM

XML External Entity Vulnerability in WSO2 API Manager and Identity Server

CVE-2021-42646

Wso2Api Manager9.1CRITICAL

Reflected XSS Vulnerability in WSO2 Management Console Products

CVE-2022-29548

Wso2Api Manager👾🟡EPSS 67%4.6MEDIUM

Unrestricted File Upload Vulnerability in WSO2 Products

CVE-2022-29464

Wso2Identity Server Analytics💰👾🟡EPSS 94%🦅9.8CRITICAL

DOM-Based XSS Vulnerability in WSO2 Identity Server

CVE-2021-36760

Wso2Identity Server6.1MEDIUM

Cross-Site Scripting Vulnerability in WSO2 Management Console

CVE-2020-17453

Wso2Identity Server As Key...👾🟡EPSS 76%6.1MEDIUM

Cross-Site Scripting Vulnerability in WSO2 API Manager by WSO2

CVE-2020-27885

Wso2Api Manager6.1MEDIUM

Reflected Cross-Site Scripting in WSO2 API Manager by WSO2

CVE-2020-17454

Wso2Api Manager6.1MEDIUM

Session Hijacking Vulnerability in WSO2 API Manager and Other Products

CVE-2020-24703

Wso2Identity Server8.8HIGH

Reflected XSS Vulnerability in WSO2 Products

CVE-2020-24704

Wso2Identity Server6.1MEDIUM

Session Hijacking Vulnerability in WSO2 API Manager and Identity Server

CVE-2020-24705

Wso2Identity Server Analytics8.8HIGH

Reflected XSS Vulnerability in WSO2 API Manager and Identity Server

CVE-2020-24706

Wso2Identity Server Analytics6.1MEDIUM

Vulnerability Published:

Sort By:

30 May 2025

Authorization Flaw in WSO2 Products Allows Unauthorized User Account Creation

Privilege Escalation Vulnerability in WSO2 Products

22 May 2025

Reflected Cross-Site Scripting Vulnerability in WSO2 Authentication Endpoint

Authorization Flaw in WSO2 Products Allowing User Account Takeover

5 May 2025

XML External Entity Vulnerability in WSO2 API Manager

27 February 2025

Reflected Cross-Site Scripting Vulnerability in WSO2 Products

Authorization Flaw in WSO2 Products Allows Direct API Access

18 December 2023

Stored Cross-Site Scripting Vulnerability in WSO2 Management Console

15 December 2023

Improper Error Handling in WSO2 Products Exposing Internal Package Names

Input Validation Flaw in WSO2 Forum Feature Compromises API Integrity

XML External Entity Vulnerability in WSO2 Products

User Impersonation Vulnerability in WSO2 Products

Reflected XSS Vulnerability in WSO2 Products

23 May 2023

Cross-Site Scripting Vulnerability in WSO2 API Manager

11 May 2022

XML External Entity Vulnerability in WSO2 API Manager and Identity Server

21 April 2022

Reflected XSS Vulnerability in WSO2 Management Console Products

18 April 2022

Unrestricted File Upload Vulnerability in WSO2 Products

7 December 2021

DOM-Based XSS Vulnerability in WSO2 Identity Server

5 April 2021

Cross-Site Scripting Vulnerability in WSO2 Management Console

29 October 2020

Cross-Site Scripting Vulnerability in WSO2 API Manager by WSO2

21 October 2020

Reflected Cross-Site Scripting in WSO2 API Manager by WSO2

27 August 2020

Session Hijacking Vulnerability in WSO2 API Manager and Other Products

Reflected XSS Vulnerability in WSO2 Products

Session Hijacking Vulnerability in WSO2 API Manager and Identity Server

Reflected XSS Vulnerability in WSO2 API Manager and Identity Server