CVE-2020-17453
Cross-site Scripting in maven/org.wso2.carbon.analytics-common/org.wso2.carbon.event.publisher.core
Identifiers
CVE-2020-17453
Package Slug
maven/org.wso2.carbon.analytics-common/org.wso2.carbon.event.publisher.core
Vulnerability
Cross-site Scripting
Description
WSO2 Management Console allows XSS via the carbon/admin/login.jsp msgId parameter.
Affected Versions
Version 2.2.0, all versions starting from 2.5.0 up to 2.6.0
Solution
Unfortunately, there is no solution available yet.
Last Modified
2021-04-10
| source |