What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2020-24706.

What is the severity of CVE-2020-24706?

The severity of CVE-2020-24706 is medium.

What is the CWE ID of CVE-2020-24706?

The CWE ID of CVE-2020-24706 is 79.

How can I fix CVE-2020-24706?

To fix CVE-2020-24706, it is recommended to apply the necessary security patch or upgrade to a fixed version of the affected software.

Vulnerability/
CVE-2020-24706

medium

6.1

CWE

27/8/2020

4/8/2024

CVE-2020-24706: XSS

Q: Which products are affected by CVE-2020-24706?

CVE-2020-24706 affects WSO2 API Manager through 3.1.0, API Manager Analytics 2.5.0, IS as Key Manager through 5.10.0, Identity Server through 5.10.0, Identity Server Analytics through 5.6.0, and IoT Server 3.1.0.

First published: Thu Aug 27 2020(Updated: )

An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager through 3.1.0, API Manager Analytics 2.5.0, IS as Key Manager through 5.10.0, Identity Server through 5.10.0, Identity Server Analytics through 5.6.0, and IoT Server 3.1.0.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
	<=3.1.0
	=2.5.0
	<=5.10.0
	<=5.6.0
	<=5.10.0
	=3.1.0
WSO2 API Manager	<=3.1.0
Wso2 Api Manager Analytics	=2.5.0
WSO2 Identity Server	<=5.10.0
WSO2 Identity Server Analytics	<=5.6.0
WSO2 Identity Server as Key Manager	<=5.10.0
Wso2 Iot Server	=3.1.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2020-24706.
What is the severity of CVE-2020-24706?
The severity of CVE-2020-24706 is medium.
Which products are affected by CVE-2020-24706?
CVE-2020-24706 affects WSO2 API Manager through 3.1.0, API Manager Analytics 2.5.0, IS as Key Manager through 5.10.0, Identity Server through 5.10.0, Identity Server Analytics through 5.6.0, and IoT Server 3.1.0.
What is the CWE ID of CVE-2020-24706?
The CWE ID of CVE-2020-24706 is 79.
How can I fix CVE-2020-24706?
To fix CVE-2020-24706, it is recommended to apply the necessary security patch or upgrade to a fixed version of the affected software.

collector/nvd-index
agent/first-publish-date
agent/type
agent/last-modified-date
agent/references
agent/softwarecombine
agent/severity
agent/author
agent/weakness
agent/description
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/tags
agent/event
collector/mitre-cve
source/MITRE
vendor/wso2
canonical/wso2 api manager
version/wso2 api manager/3.1.0
canonical/wso2 api manager analytics
version/wso2 api manager analytics/2.5.0
canonical/wso2 identity server
version/wso2 identity server/5.10.0
canonical/wso2 identity server analytics
version/wso2 identity server analytics/5.6.0
canonical/wso2 identity server as key manager
version/wso2 identity server as key manager/5.10.0
canonical/wso2 iot server
version/wso2 iot server/3.1.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.