Описание
Reflected XSS vulnerability can be exploited by tampering a request parameter in Authentication Endpoint. This can be performed in both authenticated and unauthenticated requests.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:wso2:api_manager:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:wso2:api_manager:3.2.0:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00593
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
около 2 лет назад
Reflected XSS vulnerability can be exploited by tampering a request parameter in Authentication Endpoint. This can be performed in both authenticated and unauthenticated requests.
EPSS
Процентиль: 69%
0.00593
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79