CVE-2020-17453
maven/org.wso2.carbon.analytics-common/org.wso2.carbon.event.publisher.core
Cross-site Scripting
WSO2 Management Console allows XSS via the carbon/admin/login.jsp msgId parameter.
Version 2.2.0, all versions starting from 2.5.0 up to 2.6.0
Unfortunately, there is no solution available yet.
2021-04-10
source |