CVE-2023-6911
CVSS v3.1
4.8 (Medium)
EPSS
0.04 % (15th)
Affected Products
9
Advisories
1
Multiple WSO2 products have been identified as vulnerable due to improper output encoding, a Stored Cross Site Scripting (XSS) attack can be carried out by an attacker injecting a malicious payload into the Registry feature of the Management Console.
Weaknesses
- CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE Status
- PUBLISHED
- CNA
- WSO2 LLC
- Published Date
-
2023-12-18 09:15:05
(9 months ago) - Updated Date
-
2023-12-22 17:31:09
(9 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Configuration #5
|
Configuration #6
|
Configuration #7
|
Configuration #8
|
Configuration #9
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...