A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation used by System REST APIs and SOA

An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain in

Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certai

A server-side request forgery (SSRF) vulnerability exists in multiple WSO2 products due to improper input validation in SOAP admin

An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin service, which allows us

A privilege escalation vulnerability exists in multiple WSO2 products due to a business logic flaw in SOAP admin services. A malic

An incorrect authorization vulnerability exists in multiple WSO2 products due to a business logic flaw in the account recovery-rel

Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload end