Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Message_broker
(Wso2)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-12-18 | CVE-2023-6911 | Multiple WSO2 products have been identified as vulnerable due to improper output encoding, a Stored Cross Site Scripting (XSS) attack can be carried out by an attacker injecting a malicious payload into the Registry feature of the Management Console. | Api_manager, Api_manager_analytics, Api_microgateway, Data_analytics_server, Enterprise_integrator, Identity_server, Identity_server_analytics, Identity_server_as_key_manager, Message_broker | 4.8 | ||
| 2017-09-21 | CVE-2017-14651 | WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter. | Api_manager, App_manager, Application_server, Business_process_server, Business_rules_server, Complex_event_processor, Dashboard_server, Data_analytics_server, Data_services_server, Enterprise_integrator, Enterprise_mobility_manager, Governance_registry, Identity_server, Iot_server, Machine_learner, Message_broker, Storage_server | 4.8 |