WSO2.Management.Console.login.jsp.Reflected.XSS
Description
This indicates an attack attempt to exploit a reflected Cross-Site Scripting vulnerability in the Management Console of WSO2 products.
The vulnerability is due to insufficient sanitization of user-supplied input when the application parses HTTP requests. A remote attacker may be able to exploit this, via a crafted HTTP request, to execute arbitrary script code within the context of the application.
Affected Products
WSO2 API Manager: 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, 4.0.0
WSO2 API Manager Analytics: 2.2.0, 2.5.0, 2.6.0
WSO2 API Microgateway: 2.2.0
WSO2 Data Analytics Server: 3.2.0
WSO2 Enterprise Integrator: 6.2.0, 6.3.0, 6.4.0, 6.5.0, 6.6.0
WSO2 IS as KeyManager: 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0
WSO2 Identity Server: 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0, 5.11.0
WSO2 Identity Server Analytics: 5.5.0, 5.6.0
WSO2 Micro Integrator: 1.0.0
Impact
System Compromise: Remote attackers can execute arbitrary script code in the context of the affected system.
Recommended Actions
Refer to the vendor's advisory for updates:
https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1603
Coverage
IPS (Regular DB)
IPS (Extended DB)