Wso2 Identity Server Vulnerabilities

Authorization Flaw in WSO2 Products Allows Unauthorized User Account Creation

CVE-2024-7097

Wso2Wso2 Open Banking Am4.3MEDIUM

Privilege Escalation Vulnerability in WSO2 Products

CVE-2024-7096

Wso2Wso2 Open Banking Iam4.2MEDIUM

Reflected Cross-Site Scripting Vulnerability in WSO2 Authentication Endpoint

CVE-2024-5962

Wso2Wso2 Api Manager6.1MEDIUM

Improper Authentication Vulnerability in WSO2 Identity Server

CVE-2024-7487

Wso2Wso2 Identity Server5.8MEDIUM

Reflected XSS Vulnerability in WSO2 Identity Server

CVE-2024-7103

Wso2Wso2 Identity Server4.6MEDIUM

Authorization Flaw in WSO2 Products Allowing User Account Takeover

CVE-2024-6914

Wso2Wso2 Api Manager8.8HIGH

Authorization Flaw in WSO2 Products Allows Direct API Access

CVE-2024-2321

Wso2Wso2 Api Manager5.6MEDIUM

Stored Cross-Site Scripting Vulnerability in WSO2 Management Console

CVE-2023-6911

WSO2WSO2 API Manager4.8MEDIUM

XML External Entity Vulnerability in WSO2 Products

CVE-2023-6836

WSO2WSO2 API Manager 4.6MEDIUM

User Impersonation Vulnerability in WSO2 Products

CVE-2023-6837

WSO2WSO2 API Manager8.2HIGH

Reflected XSS Vulnerability in WSO2 Products

CVE-2023-6838

WSO2WSO2 API Manager6.1MEDIUM

XML External Entity Vulnerability in WSO2 API Manager and Identity Server

CVE-2021-42646

Wso2Api Manager9.1CRITICAL

Reflected XSS Vulnerability in WSO2 Management Console Products

CVE-2022-29548

Wso2Api Manager👾🟡EPSS 67%4.6MEDIUM

Unrestricted File Upload Vulnerability in WSO2 Products

CVE-2022-29464

Wso2Identity Server Analytics💰👾🟡EPSS 94%🦅9.8CRITICAL

DOM-Based XSS Vulnerability in WSO2 Identity Server

CVE-2021-36760

Wso2Identity Server6.1MEDIUM

Cross-Site Scripting Vulnerability in WSO2 Management Console

CVE-2020-17453

Wso2Identity Server As Key...👾🟡EPSS 76%6.1MEDIUM

Session Hijacking Vulnerability in WSO2 API Manager and Other Products

CVE-2020-24703

Wso2Identity Server8.8HIGH

Reflected XSS Vulnerability in WSO2 Products

CVE-2020-24704

Wso2Identity Server6.1MEDIUM

Session Hijacking Vulnerability in WSO2 API Manager and Identity Server

CVE-2020-24705

Wso2Identity Server Analytics8.8HIGH

Reflected XSS Vulnerability in WSO2 API Manager and Identity Server

CVE-2020-24706

Wso2Identity Server Analytics6.1MEDIUM

XML External Entity Vulnerability in WSO2 API Manager and Related Products

CVE-2020-24591

Wso2Identity Server Analytics6.5MEDIUM

Reflected Cross-Site Scripting Vulnerability in WSO2 Identity Server

CVE-2020-14444

Wso2Identity Server5.4MEDIUM

Reflected Cross-Site Scripting in WSO2 Identity Server and Key Manager

CVE-2020-14445

Wso2Identity Server4.4MEDIUM

Open Redirect Vulnerability in WSO2 Identity Server and Key Manager

CVE-2020-14446

Wso2Identity Server As Key...6.1MEDIUM

XXE Vulnerability in WSO2 API Manager and WSO2 IS Key Manager Products

CVE-2020-13883

Wso2Identity Server As Key...5.5MEDIUM

Vulnerability Published:

Sort By:

30 May 2025

Authorization Flaw in WSO2 Products Allows Unauthorized User Account Creation

Privilege Escalation Vulnerability in WSO2 Products

22 May 2025

Reflected Cross-Site Scripting Vulnerability in WSO2 Authentication Endpoint

Improper Authentication Vulnerability in WSO2 Identity Server

Reflected XSS Vulnerability in WSO2 Identity Server

Authorization Flaw in WSO2 Products Allowing User Account Takeover

27 February 2025

Authorization Flaw in WSO2 Products Allows Direct API Access

18 December 2023

Stored Cross-Site Scripting Vulnerability in WSO2 Management Console

15 December 2023

XML External Entity Vulnerability in WSO2 Products

User Impersonation Vulnerability in WSO2 Products

Reflected XSS Vulnerability in WSO2 Products

11 May 2022

XML External Entity Vulnerability in WSO2 API Manager and Identity Server

21 April 2022

Reflected XSS Vulnerability in WSO2 Management Console Products

18 April 2022

Unrestricted File Upload Vulnerability in WSO2 Products

7 December 2021

DOM-Based XSS Vulnerability in WSO2 Identity Server

5 April 2021

Cross-Site Scripting Vulnerability in WSO2 Management Console

27 August 2020

Session Hijacking Vulnerability in WSO2 API Manager and Other Products

Reflected XSS Vulnerability in WSO2 Products

Session Hijacking Vulnerability in WSO2 API Manager and Identity Server

Reflected XSS Vulnerability in WSO2 API Manager and Identity Server

21 August 2020

XML External Entity Vulnerability in WSO2 API Manager and Related Products

18 June 2020

Reflected Cross-Site Scripting Vulnerability in WSO2 Identity Server

Reflected Cross-Site Scripting in WSO2 Identity Server and Key Manager

Open Redirect Vulnerability in WSO2 Identity Server and Key Manager

6 June 2020

XXE Vulnerability in WSO2 API Manager and WSO2 IS Key Manager Products