{"id":7796,"date":"2020-01-02T20:16:37","date_gmt":"2020-01-03T03:16:37","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=zerodays&#038;p=7796"},"modified":"2023-02-14T18:26:33","modified_gmt":"2023-02-15T01:26:33","slug":"cve-2019-20443-wso2","status":"publish","type":"zerodays","link":"https:\/\/10.42.32.162\/zerodays\/cve-2019-20443-wso2\/","title":{"rendered":"CVE-2019-20443 &#8211; Stored Cross-Site Scripting in WSO2"},"content":{"rendered":"<p>This vulnerability was discovered on the WSO2 Identity Server before 5.7.0. A stored cross-site script (XSS) vulnerability allows an attacker to inject malicious code into the application\u00a0and stored in the server. An input variable vulnerable to stored XSS is \u2018mediaType\u2019 on the browser page.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>*Affected Products:<\/strong> WSO2 API Manager, WSO2 API Manager Analytics, WSO2 Enterprise Integrator, WSO2 IS as Key Manager, WSO2 Identity Server, WSO2 Identity Server Analytics<\/p>\n","protected":false},"featured_media":7776,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7796"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/zerodays"}],"version-history":[{"count":8,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7796\/revisions"}],"predecessor-version":[{"id":14035,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7796\/revisions\/14035"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/7776"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=7796"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}