First published: Tue Nov 12 2019(Updated: )
WSO2 IS as Key Manager 5.7.0 allows unauthenticated reflected XSS in the dashboard user profile.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
WSO2 Identity Server | =5.7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2019-18881.
The severity of CVE-2019-18881 is medium with a CVSS score of 6.1.
WSO2 IS as Key Manager 5.7.0 is affected by CVE-2019-18881.
CVE-2019-18881 allows unauthenticated reflected XSS in the dashboard user profile.
Please refer to the vendor's security advisory for information on available fixes for CVE-2019-18881.