{"id":7811,"date":"2019-07-06T20:30:06","date_gmt":"2019-07-07T03:30:06","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=zerodays&#038;p=7811"},"modified":"2023-02-06T10:28:24","modified_gmt":"2023-02-06T17:28:24","slug":"cve-2019-20440-wso2","status":"publish","type":"zerodays","link":"https:\/\/10.42.32.162\/zerodays\/cve-2019-20440-wso2\/","title":{"rendered":"CVE-2019-20440 &#8211; Multiple Reflected Cross-site Scripting in WSO2"},"content":{"rendered":"<p>Multiple Reflected Cross-Site Scripting (XSS) vulnerability exists in WSO2 API Manager Product 2.6.0 in the update API documentation feature of the API Publisher. A reflected cross-site script (XSS) vulnerability allows an attacker to inject malicious code into the application. An input variable vulnerable to reflected XSS is &#8216;docName,&#8217; &#8216;version&#8217; and &#8216;apiName&#8217; in the APIs page.<\/p>\n","protected":false},"featured_media":7776,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7811"}],"collection":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays"}],"about":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/types\/zerodays"}],"version-history":[{"count":5,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7811\/revisions"}],"predecessor-version":[{"id":13651,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/zerodays\/7811\/revisions\/13651"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media\/7776"}],"wp:attachment":[{"href":"https:\/\/10.42.32.162\/wp-json\/wp\/v2\/media?parent=7811"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}