All the vulnerabilites related to WSO2 - WSO2 Traffic Manager
cve-2025-5717
Vulnerability from cvelistv5
Published
2025-09-23 16:05
Modified
2025-09-23 18:37
Severity ?
EPSS score ?
Summary
Authenticated Remote Code Execution in Multiple WSO2 Products via Event Processor Admin Service
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5717",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T18:31:28.992929Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T18:37:55.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.0.0.174",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.0.330",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.426",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.46",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.0.0.344",
"status": "affected",
"version": "4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.1.0.208",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.147",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.59",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.22",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.6",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Open Banking AM",
"vendor": "WSO2",
"versions": [
{
"lessThan": "2.0.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.0.0.379",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.6",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.6",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.siddhi:siddhi-extension-eval-scriptApache",
"product": "Siddhi Extension Evaluate Scripts",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.2.6.8",
"status": "affected",
"version": "3.2.6",
"versionType": "custom"
},
{
"lessThan": "3.2.7.6",
"status": "affected",
"version": "3.2.7",
"versionType": "custom"
},
{
"lessThan": "3.2.8.3",
"status": "affected",
"version": "3.2.8",
"versionType": "custom"
},
{
"lessThan": "3.2.10.1",
"status": "affected",
"version": "3.2.10",
"versionType": "custom"
},
{
"lessThan": "3.2.13.2",
"status": "affected",
"version": "3.2.13",
"versionType": "custom"
},
{
"lessThan": "3.2.14.1",
"status": "affected",
"version": "3.2.14",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "3.2.15",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "No\u00ebl MACCARY"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due to improper input validation in the event processor admin service. A user with administrative access to the SOAP admin services can exploit this flaw by deploying a Siddhi execution plan containing malicious Java code, resulting in arbitrary code execution on the server.\u003cbr\u003e\u003cbr\u003eExploitation of this vulnerability requires a valid user account with administrative privileges, limiting the attack surface to authenticated but potentially malicious users.\u003cbr\u003e"
}
],
"value": "An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due to improper input validation in the event processor admin service. A user with administrative access to the SOAP admin services can exploit this flaw by deploying a Siddhi execution plan containing malicious Java code, resulting in arbitrary code execution on the server.\n\nExploitation of this vulnerability requires a valid user account with administrative privileges, limiting the attack surface to authenticated but potentially malicious users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T16:05:19.923Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4119/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4119/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4119/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4119/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4119/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4119",
"discovery": "EXTERNAL"
},
"title": "Authenticated Remote Code Execution in Multiple WSO2 Products via Event Processor Admin Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-5717",
"datePublished": "2025-09-23T16:05:19.923Z",
"dateReserved": "2025-06-05T06:06:53.039Z",
"dateUpdated": "2025-09-23T18:37:55.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-4760
Vulnerability from cvelistv5
Published
2025-09-23 14:55
Modified
2025-09-23 19:58
Severity ?
EPSS score ?
Summary
Authenticated Stored Cross-Site Scripting (XSS) in Multiple WSO2 Products via API Document Upload in Publisher
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4760",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-23T19:58:20.115874Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T19:58:26.062Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WSO2 API Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "3.2.0",
"status": "unknown",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "3.2.0.428",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.2.1.48",
"status": "affected",
"version": "3.2.1",
"versionType": "custom"
},
{
"lessThan": "4.1.0.209",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"lessThan": "4.2.0.145",
"status": "affected",
"version": "4.2.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.60",
"status": "affected",
"version": "4.3.0",
"versionType": "custom"
},
{
"lessThan": "4.4.0.23",
"status": "affected",
"version": "4.4.0",
"versionType": "custom"
},
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 API Control Plane",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.8",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Universal Gateway",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WSO2 Traffic Manager",
"vendor": "WSO2",
"versions": [
{
"lessThan": "4.5.0.7",
"status": "affected",
"version": "4.5.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"packageName": "org.wso2.carbon.apimgt:org.wso2.carbon.apimgt.api",
"product": "WSO2 Carbon API Management API",
"vendor": "WSO2",
"versions": [
{
"lessThan": "6.7.206.559",
"status": "affected",
"version": "6.7.206",
"versionType": "custom"
},
{
"lessThan": "6.7.210.48",
"status": "affected",
"version": "6.7.210",
"versionType": "custom"
},
{
"lessThan": "9.20.74.365",
"status": "affected",
"version": "9.20.74",
"versionType": "custom"
},
{
"lessThan": "9.28.116.321",
"status": "affected",
"version": "9.28.116",
"versionType": "custom"
},
{
"lessThan": "9.29.120.163",
"status": "affected",
"version": "9.29.120",
"versionType": "custom"
},
{
"lessThan": "9.30.67.80",
"status": "affected",
"version": "9.30.67",
"versionType": "custom"
},
{
"lessThan": "9.31.86.30",
"status": "affected",
"version": "9.31.86",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "9.31.117",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ph\u1ea1m H\u1ed3 Anh D\u0169ng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authenticated stored cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to improper validation of user-supplied input during API document upload in the Publisher portal. A user with publisher privileges can upload a crafted API document containing malicious JavaScript, which is later rendered in the browser when accessed by other users.\u003cbr\u003e\u003cbr\u003eA successful attack could result in redirection to malicious websites, unauthorized UI modifications, or exfiltration of browser-accessible data. However, session-related sensitive cookies are protected by the httpOnly flag, preventing session hijacking.\u003cbr\u003e"
}
],
"value": "An authenticated stored cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to improper validation of user-supplied input during API document upload in the Publisher portal. A user with publisher privileges can upload a crafted API document containing malicious JavaScript, which is later rendered in the browser when accessed by other users.\n\nA successful attack could result in redirection to malicious websites, unauthorized UI modifications, or exfiltration of browser-accessible data. However, session-related sensitive cookies are protected by the httpOnly flag, preventing session hijacking."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-23T14:55:04.917Z",
"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"shortName": "WSO2"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4104/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4104/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4104/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4104/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4104/#solution"
}
],
"source": {
"advisory": "WSO2-2025-4104",
"discovery": "EXTERNAL"
},
"title": "Authenticated Stored Cross-Site Scripting (XSS) in Multiple WSO2 Products via API Document Upload in Publisher",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
"assignerShortName": "WSO2",
"cveId": "CVE-2025-4760",
"datePublished": "2025-09-23T14:55:04.917Z",
"dateReserved": "2025-05-15T10:20:31.569Z",
"dateUpdated": "2025-09-23T19:58:26.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}