First published: Mon Jan 27 2020(Updated: )
An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Datasource creation page of the Management Console.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
WSO2 API Manager | =2.6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-20434 is a potential Reflected Cross-Site Scripting (XSS) vulnerability in WSO2 API Manager 2.6.0.
CVE-2019-20434 has a severity rating of 4.8, which is considered medium.
The affected software for CVE-2019-20434 is WSO2 API Manager 2.6.0.
To mitigate the CVE-2019-20434 vulnerability, apply the provided security patches and updates from WSO2 API Manager.
You can find more information about CVE-2019-20434 in the provided references: [1](https://cybersecurityworks.com/zerodays/cve-2019-20434-wso2.html), [2](https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2019-0616), [3](https://github.com/cybersecurityworks/Disclosed/issues/17).