The management console of multiple WSO2 products suffer from a Cross-Site Scripting vulnerability : – WSO2 API Manager versions 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, 4.0.0 – WSO2 API Manager Analytics versions 2.2.0, 2.5.0, 2.6.0 – WSO2 API Microgateway version 2.2.0 – WSO2 Data Analytics Server version 3.2.0 – WSO2 Entreprise Integrator versions 6.2.0, 6.3.0, 6.4.0, 6.5.0, 6.6.0 – WSO2 IS as Key Manager versions 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0 – WSO2 Identity Server versions 5.5.0, 5.6.0, 5.7.0, 5.8.0, 5.9.0, 5.10.0, 5.11.0, 6.0.0 – WSO2 Identity Server Analytics versions 5.5.0, 5.6.0 By leveraging this vulnerability, a remote and unauthenticated attacker can target management console users browsers to perform arbitrary…Read More