All 3 CVE vulnerabilities found in WSO2 Open Banking IAM, with AI-generated Chinese analysis, references, and POCs.
Vendor: WSO2
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-10853 | Reflected Cross-Site Scripting (XSS) in Management Console of Multiple WSO2 Products Due to Improper Output Encoding CWE-79 | 5.2 | Medium | 2025-11-05 |
| CVE-2025-0663 | Potential cross-tenant account takeover vulnerability in Multiple WSO2 Products via Adaptive Authentication and Auto-Login | 6.8 | Medium | 2025-09-23 |
| CVE-2024-7096 | Privilege Escalation in Multiple WSO2 Products via SOAP Admin Service Due to Business Logic Flaw CWE-863 | 4.2 | Medium | 2025-05-30 |
All 3 known CVE vulnerabilities affecting WSO2 Open Banking IAM with full Chinese analysis, references, and POCs where available.