|
219531
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
|
An issue was discovered in WSO2 API Manager 2.6.0. A potential stored Cross-Site Scripting (XSS) vulnerability has been identified in the inline API documentation editor page of the API Publisher.
|
CWE-79
Cross-site Scripting
|
CVE-2019-20438
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219532
|
6.1 |
MEDIUM
Network
|
wso2
|
api_manager
identity_server
|
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. When a custom claim dialect with an XSS payload is configured in the identity provider…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20437
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219533
|
6.1 |
MEDIUM
Network
|
wso2
|
api_manager
identity_server
|
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. If there is a claim dialect configured with an XSS payload in the dialect URI, and a u…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20436
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219534
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
|
An issue was discovered in WSO2 API Manager 2.6.0. A reflected XSS attack could be performed in the inline API documentation editor page of the API Publisher by sending an HTTP GET request with a har…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20435
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219535
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
|
An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Datasource creation page of the Management Console.
|
CWE-79
Cross-site Scripting
|
CVE-2019-20434
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219536
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
identity_server
enterprise_integrator
|
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. A potential stored Cross-Site Scripting (XSS) vulner…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20443
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219537
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
identity_server
enterprise_integrator
|
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. A potential stored Cross-Site Scripting (XSS) vulner…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20442
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219538
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
|
An issue was discovered in WSO2 API Manager 2.6.0. A potential Stored Cross-Site Scripting (XSS) vulnerability has been identified in the 'implement phase' of the API Publisher.
|
CWE-79
Cross-site Scripting
|
CVE-2019-20441
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219539
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
|
An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the update API documentation feature of the API Publisher.
|
CWE-79
Cross-site Scripting
|
CVE-2019-20440
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219540
|
9.1 |
CRITICAL
Network
|
gnu
|
aspell
|
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20433
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
