iot server · threatengine.sh

Home/Product/wso2 iot server

Product

wso2 iot server

7 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

Multiple WSO2 products have been identified as vulnerable due to lack of server-side input validation in the Forum feature, API r

In accountrecoveryendpoint/recoverpassword.do in WSO2 Identity Server 5.7.0, it is possible to perform a DOM-Based XSS attack affe

An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager through 3.1.0, AP

An issue was discovered in certain WSO2 products. A valid Carbon Management Console session cookie may be sent to an attacker-cont

An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API Manage

An issue was discovered in certain WSO2 products. A valid Carbon Management Console session cookie may be sent to an attacker-cont

WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin