An issue was discovered in WSO2 Enterprise Integrator 6.4.0. A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Management Console under /carbon/ndatasource/validateconnection/ajaxprocessor.jsp via the driver parameter. Session hijacking or similar attacks would not be possible.
References
Link | Resource |
---|---|
https://www.gruppotim.it/it/footer/red-team.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-09-09T16:39:26
Updated: 2022-09-09T16:39:26
Reserved: 2022-09-05T00:00:00
Link: CVE-2022-39810
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-09T17:15:08.593
Modified: 2022-09-14T16:43:16.677
Link: CVE-2022-39810
JSON object: View
Redhat Information
No data.
CWE