WSO2-2021-1261: Multiple Cross-Site Scripting in WSO2 ESB

mbadanoiu/WSO2-2021-1261

Due to improper output encoding, multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in WSO2 ESB.

Vendor Disclosure:

The vendor's disclosure and fix for this vulnerability can be found here.

Why no CVE?

Neither I nor the vendor requested a CVE for this vulnerability.

Requirements:

This vulnerability requires:

  • Valid user credentials (for some of the XSS vulnerabilities only)

Proof Of Concept:

More details and the exploitation process can be found in this PDF.