CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-24706

An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager through 3.1.0, API Manager Analytics 2.5.0, IS as Key Manager through 5.10.0, Identity Server through 5.10.0, Identity Server Analytics through 5.6.0, and IoT Server 3.1.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 72.6%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2020-24706

Wso2 » Api Manager » Version: N/A

cpe:2.3:a:wso2:api_manager:-
Wso2 » Api Manager » Version: 1.0.0

cpe:2.3:a:wso2:api_manager:1.0.0
Wso2 » Api Manager » Version: 1.1.1

cpe:2.3:a:wso2:api_manager:1.1.1
Wso2 » Api Manager » Version: 1.10.0

cpe:2.3:a:wso2:api_manager:1.10.0
Wso2 » Api Manager » Version: 1.2.0

cpe:2.3:a:wso2:api_manager:1.2.0
Wso2 » Api Manager » Version: 1.3.0

cpe:2.3:a:wso2:api_manager:1.3.0
Wso2 » Api Manager » Version: 1.3.1

cpe:2.3:a:wso2:api_manager:1.3.1
Wso2 » Api Manager » Version: 1.4.0

cpe:2.3:a:wso2:api_manager:1.4.0
Wso2 » Api Manager » Version: 1.5.0

cpe:2.3:a:wso2:api_manager:1.5.0
Wso2 » Api Manager » Version: 1.6.0

cpe:2.3:a:wso2:api_manager:1.6.0
Wso2 » Api Manager » Version: 1.7.0

cpe:2.3:a:wso2:api_manager:1.7.0
Wso2 » Api Manager » Version: 1.8.0

cpe:2.3:a:wso2:api_manager:1.8.0
Wso2 » Api Manager » Version: 1.9.0

cpe:2.3:a:wso2:api_manager:1.9.0
Wso2 » Api Manager » Version: 1.9.1

cpe:2.3:a:wso2:api_manager:1.9.1
Wso2 » Api Manager » Version: 2.0.0

cpe:2.3:a:wso2:api_manager:2.0.0
Wso2 » Api Manager » Version: 2.0.0.28

cpe:2.3:a:wso2:api_manager:2.0.0.28
Wso2 » Api Manager » Version: 2.1.0

cpe:2.3:a:wso2:api_manager:2.1.0
Wso2 » Api Manager » Version: 2.1.0.38

cpe:2.3:a:wso2:api_manager:2.1.0.38
Wso2 » Api Manager » Version: 2.2.0

cpe:2.3:a:wso2:api_manager:2.2.0
Wso2 » Api Manager » Version: 2.2.0.57

cpe:2.3:a:wso2:api_manager:2.2.0.57
Wso2 » Api Manager » Version: 2.5.0

cpe:2.3:a:wso2:api_manager:2.5.0
Wso2 » Api Manager » Version: 2.5.0.83

cpe:2.3:a:wso2:api_manager:2.5.0.83
Wso2 » Api Manager » Version: 2.6.0

cpe:2.3:a:wso2:api_manager:2.6.0
Wso2 » Api Manager » Version: 2.6.0.143

cpe:2.3:a:wso2:api_manager:2.6.0.143
Wso2 » Api Manager » Version: 2.6.0.150

cpe:2.3:a:wso2:api_manager:2.6.0.150
Wso2 » Api Manager » Version: 3.0.0

cpe:2.3:a:wso2:api_manager:3.0.0
Wso2 » Api Manager » Version: 3.0.0.162

cpe:2.3:a:wso2:api_manager:3.0.0.162
Wso2 » Api Manager » Version: 3.0.0.180

cpe:2.3:a:wso2:api_manager:3.0.0.180
Wso2 » Api Manager » Version: 3.1.0

cpe:2.3:a:wso2:api_manager:3.1.0
Wso2 » Api Manager Analytics » Version: 2.5.0

cpe:2.3:a:wso2:api_manager_analytics:2.5.0
Wso2 » Identity Server » Version: 1.5.0

cpe:2.3:a:wso2:identity_server:1.5.0
Wso2 » Identity Server » Version: 2.0.0

cpe:2.3:a:wso2:identity_server:2.0.0
Wso2 » Identity Server » Version: 2.0.1

cpe:2.3:a:wso2:identity_server:2.0.1
Wso2 » Identity Server » Version: 2.0.2

cpe:2.3:a:wso2:identity_server:2.0.2
Wso2 » Identity Server » Version: 2.0.3

cpe:2.3:a:wso2:identity_server:2.0.3
Wso2 » Identity Server » Version: 3.0.0

cpe:2.3:a:wso2:identity_server:3.0.0
Wso2 » Identity Server » Version: 3.0.1

cpe:2.3:a:wso2:identity_server:3.0.1
Wso2 » Identity Server » Version: 3.2.0

cpe:2.3:a:wso2:identity_server:3.2.0
Wso2 » Identity Server » Version: 3.2.2

cpe:2.3:a:wso2:identity_server:3.2.2
Wso2 » Identity Server » Version: 3.2.3

cpe:2.3:a:wso2:identity_server:3.2.3
Wso2 » Identity Server » Version: 4.0.0

cpe:2.3:a:wso2:identity_server:4.0.0
Wso2 » Identity Server » Version: 4.1.0

cpe:2.3:a:wso2:identity_server:4.1.0
Wso2 » Identity Server » Version: 4.5.0

cpe:2.3:a:wso2:identity_server:4.5.0
Wso2 » Identity Server » Version: 4.6.0

cpe:2.3:a:wso2:identity_server:4.6.0
Wso2 » Identity Server » Version: 5.0.0

cpe:2.3:a:wso2:identity_server:5.0.0
Wso2 » Identity Server » Version: 5.1.0

cpe:2.3:a:wso2:identity_server:5.1.0
Wso2 » Identity Server » Version: 5.10.0

cpe:2.3:a:wso2:identity_server:5.10.0
Wso2 » Identity Server » Version: 5.2.0

cpe:2.3:a:wso2:identity_server:5.2.0
Wso2 » Identity Server » Version: 5.3.0

cpe:2.3:a:wso2:identity_server:5.3.0
Wso2 » Identity Server » Version: 5.4.0

cpe:2.3:a:wso2:identity_server:5.4.0
Wso2 » Identity Server » Version: 5.4.1

cpe:2.3:a:wso2:identity_server:5.4.1
Wso2 » Identity Server » Version: 5.5.0

cpe:2.3:a:wso2:identity_server:5.5.0
Wso2 » Identity Server » Version: 5.6.0

cpe:2.3:a:wso2:identity_server:5.6.0
Wso2 » Identity Server » Version: 5.7.0

cpe:2.3:a:wso2:identity_server:5.7.0
Wso2 » Identity Server » Version: 5.8.0

cpe:2.3:a:wso2:identity_server:5.8.0
Wso2 » Identity Server » Version: 5.9.0

cpe:2.3:a:wso2:identity_server:5.9.0
Wso2 » Identity Server Analytics » Version: N/A

cpe:2.3:a:wso2:identity_server_analytics:-
Wso2 » Identity Server Analytics » Version: 1.0.0

cpe:2.3:a:wso2:identity_server_analytics:1.0.0
Wso2 » Identity Server Analytics » Version: 5.2.0

cpe:2.3:a:wso2:identity_server_analytics:5.2.0
Wso2 » Identity Server Analytics » Version: 5.3.0

cpe:2.3:a:wso2:identity_server_analytics:5.3.0
Wso2 » Identity Server Analytics » Version: 5.4.0

cpe:2.3:a:wso2:identity_server_analytics:5.4.0
Wso2 » Identity Server Analytics » Version: 5.4.1

cpe:2.3:a:wso2:identity_server_analytics:5.4.1
Wso2 » Identity Server Analytics » Version: 5.5.0

cpe:2.3:a:wso2:identity_server_analytics:5.5.0
Wso2 » Identity Server Analytics » Version: 5.6.0

cpe:2.3:a:wso2:identity_server_analytics:5.6.0
Wso2 » Identity Server As Key Manager » Version: N/A

cpe:2.3:a:wso2:identity_server_as_key_manager:-
Wso2 » Identity Server As Key Manager » Version: 1.10.0

cpe:2.3:a:wso2:identity_server_as_key_manager:1.10.0
Wso2 » Identity Server As Key Manager » Version: 1.9.0

cpe:2.3:a:wso2:identity_server_as_key_manager:1.9.0
Wso2 » Identity Server As Key Manager » Version: 1.9.1

cpe:2.3:a:wso2:identity_server_as_key_manager:1.9.1
Wso2 » Identity Server As Key Manager » Version: 2.0.0

cpe:2.3:a:wso2:identity_server_as_key_manager:2.0.0
Wso2 » Identity Server As Key Manager » Version: 2.1.0

cpe:2.3:a:wso2:identity_server_as_key_manager:2.1.0
Wso2 » Identity Server As Key Manager » Version: 2.2.0

cpe:2.3:a:wso2:identity_server_as_key_manager:2.2.0
Wso2 » Identity Server As Key Manager » Version: 2.5.0

cpe:2.3:a:wso2:identity_server_as_key_manager:2.5.0
Wso2 » Identity Server As Key Manager » Version: 2.6.0

cpe:2.3:a:wso2:identity_server_as_key_manager:2.6.0
Wso2 » Identity Server As Key Manager » Version: 3.0.0

cpe:2.3:a:wso2:identity_server_as_key_manager:3.0.0
Wso2 » Identity Server As Key Manager » Version: 3.1.0

cpe:2.3:a:wso2:identity_server_as_key_manager:3.1.0
Wso2 » Identity Server As Key Manager » Version: 5.0.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.0.0
Wso2 » Identity Server As Key Manager » Version: 5.1.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.1.0
Wso2 » Identity Server As Key Manager » Version: 5.10.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0
Wso2 » Identity Server As Key Manager » Version: 5.2.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.2.0
Wso2 » Identity Server As Key Manager » Version: 5.3.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.3.0
Wso2 » Identity Server As Key Manager » Version: 5.4.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.4.0
Wso2 » Identity Server As Key Manager » Version: 5.4.1

cpe:2.3:a:wso2:identity_server_as_key_manager:5.4.1
Wso2 » Identity Server As Key Manager » Version: 5.5.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.5.0
Wso2 » Identity Server As Key Manager » Version: 5.6.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.6.0
Wso2 » Identity Server As Key Manager » Version: 5.7.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.7.0
Wso2 » Identity Server As Key Manager » Version: 5.8.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.8.0
Wso2 » Identity Server As Key Manager » Version: 5.9.0

cpe:2.3:a:wso2:identity_server_as_key_manager:5.9.0
Wso2 » Iot Server » Version: 3.1.0

cpe:2.3:a:wso2:iot_server:3.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-24706

Products

Pricing

Contact Us