First published: Mon Mar 18 2019(Updated: )
An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. A DOM-based XSS exists in the store part of the product.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
WSO2 API Manager | =2.6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-20736 is a vulnerability discovered in WSO2 API Manager 2.1.0 and 2.6.0, which allows for DOM-based XSS attacks in the store section of the product.
The severity of CVE-2018-20736 is medium with a CVSS score of 5.4.
CVE-2018-20736 affects WSO2 API Manager versions 2.1.0 and 2.6.0.
To fix CVE-2018-20736, it is recommended to apply the security patch released by WSO2.
You can find more information about CVE-2018-20736 in the following references: [link1], [link2], [link3].