Multiple WSO2 products have been identified as vulnerable due to improper output encoding, a Stored Cross Site Scripting (XSS) attack can be carried out by an attacker injecting a malicious payload into the Registry feature of the Management Console.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| org.wso2.carbon.registry:carbon-registry(Maven) | 0 | 4.7.37 | N/A |
CVSS Metrics
