First published: Mon Jan 27 2020(Updated: )
An issue was discovered in WSO2 API Manager 2.6.0. A potential stored Cross-Site Scripting (XSS) vulnerability has been identified in the inline API documentation editor page of the API Publisher.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
WSO2 API Manager | =2.6.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2019-20438.
The severity of CVE-2019-20438 is medium (4.8).
The affected software is WSO2 API Manager version 2.6.0.
This vulnerability is a potential stored Cross-Site Scripting (XSS) vulnerability in the inline API documentation editor page of the API Publisher in WSO2 API Manager 2.6.0.
To fix CVE-2019-20438, you should update to the latest version of the WSO2 API Manager.