Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Management Console in certain WSO2 products allows XXE attacks during EventReceiver updates. This affects API Manager through 3.0.0, API Manager Analytics 2.2.0 and 2.5.0, API Microgateway 2.2.0, Enterprise Integrator 6.2.0 and 6.3.0, and Identity Server Analytics through 5.6.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
Vulnerability Type
N/A
Vulnerability Title
WSO2 多款产品代码问题漏洞
Vulnerability Description
WSO2 API Manager等都是美国WSO2公司的产品。WSO2 API Manager是一套API生命周期管理解决方案。WSO2 Enterprise Integrator是一套开源的混合集成平台。WSO2 API Microgateway是一款云原生、可扩展的API网关产品。 WSO2 多款产品存在安全漏洞。以下产品及版本受到影响:API Manager 从3.0.0开始版本, API Manager Analytics 2.2.0版本和2.5.0版本, API Microgateway 2.2
CVSS Information
N/A
Vulnerability Type
N/A