A vulnerability was discovered on WSO2 API Manager 2.6.0 in defining the scope to manage the API page of the API Publisher. An input variable vulnerable to stored XSS is ‘roles’ on the API page. A reflected cross-site script (XSS) vulnerability allows an attacker to inject malicious code into the scope to an API in the API publisher by providing XSS payload as a value for roles.
-
Products
Our ASM platform discovers, analyzes, prioritizes, & offers remediation plans for exposures in your known & unknown assets.
Our VI platform delivers threat intelligence & context on the latest cyber threats providing you with actionable insights for remediation.
-
Services
Our vulnerability management continually detects, prioritizes, & plans remediation to protect your entire IT landscape.
Our penetration testing simulates a real-world attack on your digital assets to determine the strength of your security & defenses.
-
Use Cases
-
Partners
As a partner led organization, we are committed to working with our partners to deliver world-class early warning security intelligence solutions that eliminate the adversary advantage & deliver superior security outcomes for your clients.
- Resources
-
About
.png)
.png)
.png)
.png)