CVE-2023-31664

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
3
PROJECTS

Description

A reflected cross-site scripting (XSS) vulnerability in /authenticationendpoint/login.do of WSO2 API Manager before 4.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tenantDomain parameter.

wso2/product-apim
wso2/product-apim
Welcome to the WSO2 API Manager source code! For info on working with the WSO2 API Manager repository and contributing code, click the link below.
GitHubGitHub
986
wso2/api-manager
wso2/api-manager
All issues, tasks, improvements and new features of WSO2 API Manager
GitHubGitHub
43
adilkhan7/CVE-2023-31664
adilkhan7/CVE-2023-31664
CVE-2023-31664 WSO2
GitHubGitHub
3