CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Wso2: >> Enterprise Mobility Manager >> 2.2.0 Security Vulnerabilities

CVE-2025-9804

An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information. This vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 API Manager's API Gateway remain unaffected.

CVSS Score

9.6

EPSS Score

0.001

Published

2025-10-16

CVE-2017-14651

WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter.

CVSS Score

4.8

EPSS Score

0.076

Published

2017-09-21

Page 1

Vulnerabilities

Vulnerable Software

Wso2: >> Enterprise Mobility Manager >> 2.2.0 Security Vulnerabilities

Products

Pricing

Contact Us