Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for org.wso2.carbon:org.wso2.carbon.ui by WSO2

    CVE-2025-6670 (GCVE-0-2025-6670)

    Vulnerability from nvd – Published: 2025-11-18 11:28 – Updated: 2025-11-18 19:12
    VLAI
    Title
    Cross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin Services
    Summary
    A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation, it is ineffective in this context because it allows cookies to be sent with cross-origin top-level navigations using GET requests. A malicious actor can exploit this vulnerability by tricking an authenticated user into visiting a crafted link, leading the browser to issue unintended state-changing requests. Successful exploitation could result in unauthorized operations such as data modification, account changes, or other administrative actions. According to WSO2 Secure Production Guidelines, exposure of Carbon console services to untrusted networks is discouraged, which may reduce the impact in properly secured deployments.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-352 - Cross-Site Request Forgery (CSRF)
    Assigner
    References
    Impacted products
    Vendor Product Version
    WSO2 WSO2 Open Banking AM Unknown: 0 , < 2.0.0 (custom)
    Unaffected: 2.0.0 , < 2.0.0.398 (custom)
    Create a notification for this product.
    WSO2 WSO2 Open Banking IAM Unknown: 0 , < 2.0.0 (custom)
    Unaffected: 2.0.0 , < 2.0.0.418 (custom)
    Create a notification for this product.
    WSO2 WSO2 Traffic Manager Affected: 4.5.0 , < 4.5.0.34 (custom)
    Affected: 4.6.0 , < 4.6.0.1 (custom)
    Create a notification for this product.
    WSO2 WSO2 Universal Gateway Affected: 4.5.0 , < 4.5.0.34 (custom)
    Affected: 4.6.0 , < 4.6.0.1 (custom)
    Create a notification for this product.
    WSO2 WSO2 API Control Plane Affected: 4.5.0 , < 4.5.0.36 (custom)
    Affected: 4.6.0 , < 4.6.0.1 (custom)
    Create a notification for this product.
    WSO2 WSO2 API Manager Unknown: 0 , < 3.1.0 (custom)
    Affected: 3.1.0 , < 3.1.0.349 (custom)
    Affected: 3.2.0 , < 3.2.0.453 (custom)
    Affected: 3.2.1 , < 3.2.1.73 (custom)
    Affected: 4.0.0 , < 4.0.0.373 (custom)
    Affected: 4.1.0 , < 4.1.0.236 (custom)
    Affected: 4.2.0 , < 4.2.0.176 (custom)
    Affected: 4.3.0 , < 4.3.0.88 (custom)
    Affected: 4.4.0 , < 4.4.0.52 (custom)
    Affected: 4.5.0 , < 4.5.0.35 (custom)
    Affected: 4.6.0 , < 4.6.0.1 (custom)
    Create a notification for this product.
    WSO2 WSO2 Identity Server Unknown: 0 , < 5.10.0 (custom)
    Affected: 5.10.0 , < 5.10.0.378 (custom)
    Affected: 5.11.0 , < 5.11.0.425 (custom)
    Affected: 6.0.0 , < 6.0.0.252 (custom)
    Affected: 6.1.0 , < 6.1.0.253 (custom)
    Affected: 7.0.0 , < 7.0.0.130 (custom)
    Affected: 7.1.0 , < 7.1.0.38 (custom)
    Affected: 7.2.0 , < 7.2.0.1 (custom)
    Create a notification for this product.
    WSO2 WSO2 Identity Server as Key Manager Unknown: 0 , < 5.10.0 (custom)
    Affected: 5.10.0 , < 5.10.0.369 (custom)
    Create a notification for this product.
    WSO2 WSO2 Enterprise Integrator Unknown: 0 , < 6.6.0 (custom)
    Affected: 6.6.0 , < 6.6.0.226 (custom)
    Create a notification for this product.
    WSO2 org.wso2.carbon:org.wso2.carbon.ui Affected: 4.5.3 , < 4.5.3.50 (custom)
    Affected: 4.6.0 , < 4.6.0.2253 (custom)
    Affected: 4.6.1 , < 4.6.1.157 (custom)
    Affected: 4.6.2 , < 4.6.2.673 (custom)
    Affected: 4.6.3 , < 4.6.3.41 (custom)
    Affected: 4.6.4 , < 4.6.4.22 (custom)
    Affected: 4.7.1 , < 4.7.1.73 (custom)
    Affected: 4.8.1 , < 4.8.1.43 (custom)
    Affected: 4.9.0 , < 4.9.0.106 (custom)
    Affected: 4.9.26 , < 4.9.26.31 (custom)
    Affected: 4.9.27 , < 4.9.27.16 (custom)
    Affected: 4.9.28 , < 4.9.28.18 (custom)
    Affected: 4.9.33 , < 4.9.33.2 (custom)
    Affected: 4.10.9 , < 4.10.9.75 (custom)
    Affected: 4.10.42 , < 4.10.42.18 (custom)
    Affected: 4.10.101 , < 4.10.101.3 (custom)
    Unaffected: 4.9.29 , ≤ 4.9.29.* (custom)
    Unaffected: 4.10.65 , ≤ 4.10.* (custom)
    Create a notification for this product.
    Credits
    Noël MACCARY
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6670",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-18T19:10:34.187077Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-18T19:12:59.786Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Open Banking AM",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.0.0.398",
                  "status": "unaffected",
                  "version": "2.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Open Banking IAM",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.0.0.418",
                  "status": "unaffected",
                  "version": "2.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Traffic Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.34",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.1",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Universal Gateway",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.34",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.1",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 API Control Plane",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.36",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.1",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 API Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "3.1.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.0.349",
                  "status": "affected",
                  "version": "3.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.2.0.453",
                  "status": "affected",
                  "version": "3.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.2.1.73",
                  "status": "affected",
                  "version": "3.2.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.0.0.373",
                  "status": "affected",
                  "version": "4.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.1.0.236",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.2.0.176",
                  "status": "affected",
                  "version": "4.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.3.0.88",
                  "status": "affected",
                  "version": "4.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.4.0.52",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.5.0.35",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.1",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Identity Server",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "5.10.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.10.0.378",
                  "status": "affected",
                  "version": "5.10.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.11.0.425",
                  "status": "affected",
                  "version": "5.11.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.0.0.252",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.1.0.253",
                  "status": "affected",
                  "version": "6.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.0.0.130",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.1.0.38",
                  "status": "affected",
                  "version": "7.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.2.0.1",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Identity Server as Key Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "5.10.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.10.0.369",
                  "status": "affected",
                  "version": "5.10.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Enterprise Integrator",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "6.6.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.6.0.226",
                  "status": "affected",
                  "version": "6.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "packageName": "org.wso2.carbon:org.wso2.carbon.ui",
              "product": "org.wso2.carbon:org.wso2.carbon.ui",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.3.50",
                  "status": "affected",
                  "version": "4.5.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.2253",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.1.157",
                  "status": "affected",
                  "version": "4.6.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.2.673",
                  "status": "affected",
                  "version": "4.6.2",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.3.41",
                  "status": "affected",
                  "version": "4.6.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.4.22",
                  "status": "affected",
                  "version": "4.6.4",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.7.1.73",
                  "status": "affected",
                  "version": "4.7.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.8.1.43",
                  "status": "affected",
                  "version": "4.8.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.0.106",
                  "status": "affected",
                  "version": "4.9.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.26.31",
                  "status": "affected",
                  "version": "4.9.26",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.27.16",
                  "status": "affected",
                  "version": "4.9.27",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.28.18",
                  "status": "affected",
                  "version": "4.9.28",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.33.2",
                  "status": "affected",
                  "version": "4.9.33",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.9.75",
                  "status": "affected",
                  "version": "4.10.9",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.42.18",
                  "status": "affected",
                  "version": "4.10.42",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.101.3",
                  "status": "affected",
                  "version": "4.10.101",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.9.29.*",
                  "status": "unaffected",
                  "version": "4.9.29",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.10.*",
                  "status": "unaffected",
                  "version": "4.10.65",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "2.0.0.398",
                      "versionStartIncluding": "2.0.0",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "2.0.0.418",
                      "versionStartIncluding": "2.0.0",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.34",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.0.1",
                      "versionStartIncluding": "4.6.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.34",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.0.1",
                      "versionStartIncluding": "4.6.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.36",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.0.1",
                      "versionStartIncluding": "4.6.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.1.0.349",
                      "versionStartIncluding": "3.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.2.0.453",
                      "versionStartIncluding": "3.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.2.1.73",
                      "versionStartIncluding": "3.2.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.0.0.373",
                      "versionStartIncluding": "4.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.1.0.236",
                      "versionStartIncluding": "4.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.2.0.176",
                      "versionStartIncluding": "4.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.3.0.88",
                      "versionStartIncluding": "4.3.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.4.0.52",
                      "versionStartIncluding": "4.4.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.35",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.0.1",
                      "versionStartIncluding": "4.6.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.0.378",
                      "versionStartIncluding": "5.10.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.11.0.425",
                      "versionStartIncluding": "5.11.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.0.0.252",
                      "versionStartIncluding": "6.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.1.0.253",
                      "versionStartIncluding": "6.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.0.0.130",
                      "versionStartIncluding": "7.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.0.38",
                      "versionStartIncluding": "7.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.2.0.1",
                      "versionStartIncluding": "7.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.0.369",
                      "versionStartIncluding": "5.10.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.6.0.226",
                      "versionStartIncluding": "6.6.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.3.50",
                      "versionStartIncluding": "4.5.3",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.0.2253",
                      "versionStartIncluding": "4.6.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.1.157",
                      "versionStartIncluding": "4.6.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.2.673",
                      "versionStartIncluding": "4.6.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.3.41",
                      "versionStartIncluding": "4.6.3",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.4.22",
                      "versionStartIncluding": "4.6.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.7.1.73",
                      "versionStartIncluding": "4.7.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.8.1.43",
                      "versionStartIncluding": "4.8.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.0.106",
                      "versionStartIncluding": "4.9.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.26.31",
                      "versionStartIncluding": "4.9.26",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.27.16",
                      "versionStartIncluding": "4.9.27",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.28.18",
                      "versionStartIncluding": "4.9.28",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.33.2",
                      "versionStartIncluding": "4.9.33",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.10.9.75",
                      "versionStartIncluding": "4.10.9",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.10.42.18",
                      "versionStartIncluding": "4.10.42",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.10.101.3",
                      "versionStartIncluding": "4.10.101",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "4.9.29.*",
                      "versionStartIncluding": "4.9.29",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "4.10.*",
                      "versionStartIncluding": "4.10.65",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "No\u00ebl MACCARY"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation, it is ineffective in this context because it allows cookies to be sent with cross-origin top-level navigations using GET requests.\u003cbr\u003e\u003cbr\u003eA malicious actor can exploit this vulnerability by tricking an authenticated user into visiting a crafted link, leading the browser to issue unintended state-changing requests. Successful exploitation could result in unauthorized operations such as data modification, account changes, or other administrative actions. According to WSO2 Secure Production Guidelines, exposure of Carbon console services to untrusted networks is discouraged, which may reduce the impact in properly secured deployments."
                }
              ],
              "value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation, it is ineffective in this context because it allows cookies to be sent with cross-origin top-level navigations using GET requests.\n\nA malicious actor can exploit this vulnerability by tricking an authenticated user into visiting a crafted link, leading the browser to issue unintended state-changing requests. Successful exploitation could result in unauthorized operations such as data modification, account changes, or other administrative actions. According to WSO2 Secure Production Guidelines, exposure of Carbon console services to untrusted networks is discouraged, which may reduce the impact in properly secured deployments."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-18T11:28:37.410Z",
            "orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
            "shortName": "WSO2"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4117/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4117/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4117/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
                }
              ],
              "value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4117/#solution"
            }
          ],
          "source": {
            "advisory": "WSO2-2025-4117",
            "discovery": "EXTERNAL"
          },
          "title": "Cross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin Services",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
        "assignerShortName": "WSO2",
        "cveId": "CVE-2025-6670",
        "datePublished": "2025-11-18T11:28:37.410Z",
        "dateReserved": "2025-06-25T15:24:36.239Z",
        "dateUpdated": "2025-11-18T19:12:59.786Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-5605 (GCVE-0-2025-5605)

    Vulnerability from nvd – Published: 2025-10-24 10:09 – Updated: 2025-10-24 11:44
    Title
    Authentication Bypass via URI Manipulation in Multiple WSO2 Products' Management Console Leading to Partial Information Disclosure
    Summary
    An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure. The known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-290 - Authentication Bypass by Spoofing
    Assigner
    References
    Impacted products
    Vendor Product Version
    WSO2 WSO2 Identity Server Unknown: 0 , < 5.10.0 (custom)
    Affected: 5.10.0 , < 5.10.0.361 (custom)
    Affected: 5.11.0 , < 5.11.0.414 (custom)
    Affected: 6.0.0 , < 6.0.0.245 (custom)
    Affected: 6.1.0 , < 6.1.0.244 (custom)
    Affected: 7.0.0 , < 7.0.0.119 (custom)
    Affected: 7.1.0 , < 7.1.0.25 (custom)
    Create a notification for this product.
    WSO2 WSO2 Enterprise Integrator Unknown: 0 , < 6.6.0 (custom)
    Affected: 6.6.0 , < 6.6.0.217 (custom)
    Create a notification for this product.
    WSO2 WSO2 Universal Gateway Affected: 4.5.0 , < 4.5.0.10 (custom)
    Create a notification for this product.
    WSO2 WSO2 Traffic Manager Affected: 4.5.0 , < 4.5.0.10 (custom)
    Create a notification for this product.
    WSO2 WSO2 API Manager Unknown: 0 , < 3.1.0 (custom)
    Affected: 3.1.0 , < 3.1.0.334 (custom)
    Affected: 3.2.0 , < 3.2.0.430 (custom)
    Affected: 3.2.1 , < 3.2.1.48 (custom)
    Affected: 4.0.0 , < 4.0.0.346 (custom)
    Affected: 4.1.0 , < 4.1.0.210 (custom)
    Affected: 4.2.0 , < 4.2.0.148 (custom)
    Affected: 4.3.0 , < 4.3.0.61 (custom)
    Affected: 4.4.0 , < 4.4.0.24 (custom)
    Affected: 4.5.0 , < 4.5.0.10 (custom)
    Create a notification for this product.
    WSO2 WSO2 API Control Plane Affected: 4.5.0 , < 4.5.0.11 (custom)
    Create a notification for this product.
    WSO2 WSO2 Identity Server as Key Manager Unknown: 0 , < 5.10.0 (custom)
    Affected: 5.10.0 , < 5.10.0.354 (custom)
    Create a notification for this product.
    WSO2 WSO2 Open Banking AM Unknown: 0 , < 2.0.0 (custom)
    Affected: 2.0.0 , < 2.0.0.382 (custom)
    Create a notification for this product.
    WSO2 WSO2 Open Banking IAM Unknown: 0 , < 2.0.0 (custom)
    Affected: 2.0.0 , < 2.0.0.403 (custom)
    Create a notification for this product.
    WSO2 org.wso2.carbon:org.wso2.carbon.ui Affected: 4.5.3 , < 4.5.3.40 (custom)
    Affected: 4.6.0 , < 4.6.0.1224 (custom)
    Affected: 4.6.1 , < 4.6.1.150 (custom)
    Affected: 4.6.2 , < 4.6.2.664 (custom)
    Affected: 4.6.3 , < 4.6.3.32 (custom)
    Affected: 4.6.4 , < 4.6.4.8 (custom)
    Affected: 4.7.1 , < 4.7.1.69 (custom)
    Affected: 4.8.1 , < 4.8.1.33 (custom)
    Affected: 4.9.0 , < 4.9.0.100 (custom)
    Affected: 4.9.26 , < 4.9.26.20 (custom)
    Affected: 4.9.27 , < 4.9.27.4 (custom)
    Affected: 4.9.28 , < 4.9.28.4 (custom)
    Affected: 4.10.9 , < 4.10.9.68 (custom)
    Affected: 4.10.42 , < 4.10.42.10 (custom)
    Unaffected: 4.9.29 , ≤ 4.9.* (custom)
    Unaffected: 4.10.90 , ≤ * (custom)
    Create a notification for this product.
    Credits
    Noël Maccary
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5605",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T11:44:00.454638Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-290",
                    "description": "CWE-290 Authentication Bypass by Spoofing",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T11:44:58.987Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Identity Server",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "5.10.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.10.0.361",
                  "status": "affected",
                  "version": "5.10.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.11.0.414",
                  "status": "affected",
                  "version": "5.11.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.0.0.245",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.1.0.244",
                  "status": "affected",
                  "version": "6.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.0.0.119",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.1.0.25",
                  "status": "affected",
                  "version": "7.1.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Enterprise Integrator",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "6.6.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.6.0.217",
                  "status": "affected",
                  "version": "6.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Universal Gateway",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.10",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Traffic Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.10",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 API Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "3.1.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.0.334",
                  "status": "affected",
                  "version": "3.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.2.0.430",
                  "status": "affected",
                  "version": "3.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.2.1.48",
                  "status": "affected",
                  "version": "3.2.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.0.0.346",
                  "status": "affected",
                  "version": "4.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.1.0.210",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.2.0.148",
                  "status": "affected",
                  "version": "4.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.3.0.61",
                  "status": "affected",
                  "version": "4.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.4.0.24",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.5.0.10",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 API Control Plane",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.11",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Identity Server as Key Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "5.10.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.10.0.354",
                  "status": "affected",
                  "version": "5.10.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Open Banking AM",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.0.0.382",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Open Banking IAM",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.0.0.403",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "packageName": "org.wso2.carbon:org.wso2.carbon.ui",
              "product": "org.wso2.carbon:org.wso2.carbon.ui",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.3.40",
                  "status": "affected",
                  "version": "4.5.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.1224",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.1.150",
                  "status": "affected",
                  "version": "4.6.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.2.664",
                  "status": "affected",
                  "version": "4.6.2",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.3.32",
                  "status": "affected",
                  "version": "4.6.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.4.8",
                  "status": "affected",
                  "version": "4.6.4",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.7.1.69",
                  "status": "affected",
                  "version": "4.7.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.8.1.33",
                  "status": "affected",
                  "version": "4.8.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.0.100",
                  "status": "affected",
                  "version": "4.9.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.26.20",
                  "status": "affected",
                  "version": "4.9.26",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.27.4",
                  "status": "affected",
                  "version": "4.9.27",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.28.4",
                  "status": "affected",
                  "version": "4.9.28",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.9.68",
                  "status": "affected",
                  "version": "4.10.9",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.42.10",
                  "status": "affected",
                  "version": "4.10.42",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.9.*",
                  "status": "unaffected",
                  "version": "4.9.29",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "*",
                  "status": "unaffected",
                  "version": "4.10.90",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.0.361",
                      "versionStartIncluding": "5.10.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.11.0.414",
                      "versionStartIncluding": "5.11.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.0.0.245",
                      "versionStartIncluding": "6.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.1.0.244",
                      "versionStartIncluding": "6.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.0.0.119",
                      "versionStartIncluding": "7.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.0.25",
                      "versionStartIncluding": "7.1.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.6.0.217",
                      "versionStartIncluding": "6.6.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.10",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.10",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.1.0.334",
                      "versionStartIncluding": "3.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.2.0.430",
                      "versionStartIncluding": "3.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.2.1.48",
                      "versionStartIncluding": "3.2.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.0.0.346",
                      "versionStartIncluding": "4.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.1.0.210",
                      "versionStartIncluding": "4.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.2.0.148",
                      "versionStartIncluding": "4.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.3.0.61",
                      "versionStartIncluding": "4.3.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.4.0.24",
                      "versionStartIncluding": "4.4.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.10",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.11",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.0.354",
                      "versionStartIncluding": "5.10.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "2.0.0.382",
                      "versionStartIncluding": "2.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "2.0.0.403",
                      "versionStartIncluding": "2.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.3.40",
                      "versionStartIncluding": "4.5.3",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.0.1224",
                      "versionStartIncluding": "4.6.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.1.150",
                      "versionStartIncluding": "4.6.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.2.664",
                      "versionStartIncluding": "4.6.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.3.32",
                      "versionStartIncluding": "4.6.3",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.4.8",
                      "versionStartIncluding": "4.6.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.7.1.69",
                      "versionStartIncluding": "4.7.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.8.1.33",
                      "versionStartIncluding": "4.8.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.0.100",
                      "versionStartIncluding": "4.9.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.26.20",
                      "versionStartIncluding": "4.9.26",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.27.4",
                      "versionStartIncluding": "4.9.27",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.28.4",
                      "versionStartIncluding": "4.9.28",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.10.9.68",
                      "versionStartIncluding": "4.10.9",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.10.42.10",
                      "versionStartIncluding": "4.10.42",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "4.9.*",
                      "versionStartIncluding": "4.9.29",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "*",
                      "versionStartIncluding": "4.10.90",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "No\u00ebl Maccary"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.\u003cbr\u003e\u003cbr\u003eThe known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.\u003cbr\u003e"
                }
              ],
              "value": "An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.\n\nThe known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-24T10:17:47.415Z",
            "orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
            "shortName": "WSO2"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
                }
              ],
              "value": "Follow the instructions given on  https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution"
            }
          ],
          "source": {
            "advisory": "WSO2-2025-4115",
            "discovery": "EXTERNAL"
          },
          "title": "Authentication Bypass via URI Manipulation in Multiple WSO2 Products\u0027 Management Console Leading to Partial Information Disclosure",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
        "assignerShortName": "WSO2",
        "cveId": "CVE-2025-5605",
        "datePublished": "2025-10-24T10:09:59.591Z",
        "dateReserved": "2025-06-04T10:51:11.459Z",
        "dateUpdated": "2025-10-24T11:44:58.987Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-5350 (GCVE-0-2025-5350)

    Vulnerability from nvd – Published: 2025-10-24 10:08 – Updated: 2025-10-24 12:16
    VLAI
    Title
    SSRF and Reflected XSS Vulnerability in Deprecated Try-It Feature of Multiple WSO2 Products
    Summary
    SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user's browser context. By tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin’s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk. Furthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    WSO2 WSO2 Identity Server Unknown: 0 , < 5.10.0 (custom)
    Affected: 5.10.0 , < 5.10.0.359 (custom)
    Affected: 5.11.0 , < 5.11.0.415 (custom)
    Affected: 6.0.0 , < 6.0.0.246 (custom)
    Affected: 6.1.0 , < 6.1.0.245 (custom)
    Affected: 7.0.0 , < 7.0.0.120 (custom)
    Affected: 7.1.0 , < 7.1.0.27 (custom)
    Create a notification for this product.
    WSO2 WSO2 Enterprise Integrator Unknown: 0 , < 6.6.0 (custom)
    Affected: 6.6.0 , < 6.6.0.218 (custom)
    Create a notification for this product.
    WSO2 WSO2 API Manager Unknown: 0 , < 3.1.0 (custom)
    Affected: 3.1.0 , < 3.1.0.332 (custom)
    Affected: 3.2.0 , < 3.2.0.428 (custom)
    Affected: 3.2.1 , < 3.2.1.47 (custom)
    Affected: 4.0.0 , < 4.0.0.369 (custom)
    Affected: 4.1.0 , < 4.1.0.209 (custom)
    Affected: 4.2.0 , < 4.2.0.147 (custom)
    Affected: 4.3.0 , < 4.3.0.60 (custom)
    Affected: 4.4.0 , < 4.4.0.23 (custom)
    Affected: 4.5.0 , < 4.5.0.7 (custom)
    Create a notification for this product.
    WSO2 WSO2 Universal Gateway Affected: 4.5.0 , < 4.5.0.7 (custom)
    Create a notification for this product.
    WSO2 WSO2 Traffic Manager Affected: 4.5.0 , < 4.5.0.7 (custom)
    Create a notification for this product.
    WSO2 WSO2 API Control Plane Affected: 4.5.0 , < 4.5.0.7 (custom)
    Create a notification for this product.
    WSO2 WSO2 Open Banking AM Unknown: 0 , < 2.0.0 (custom)
    Affected: 2.0.0 , < 2.0.0.380 (custom)
    Create a notification for this product.
    WSO2 WSO2 Open Banking IAM Unknown: 0 , < 2.0.0 (custom)
    Affected: 2.0.0 , < 2.0.0.401 (custom)
    Create a notification for this product.
    WSO2 WSO2 Identity Server as Key Manager Unknown: 0 , < 5.10.0 (custom)
    Affected: 5.10.0 , < 5.10.0.352 (custom)
    Create a notification for this product.
    WSO2 org.wso2.carbon:org.wso2.carbon.ui Affected: 4.5.3 , < 4.5.3.41 (custom)
    Affected: 4.6.0 , < 4.6.0.1087 (custom)
    Affected: 4.6.1 , < 4.6.1.151 (custom)
    Affected: 4.6.2 , < 4.6.2.672 (custom)
    Affected: 4.6.3 , < 4.6.3.30 (custom)
    Affected: 4.6.4 , < 4.6.4.7 (custom)
    Affected: 4.7.1 , < 4.7.1.70 (custom)
    Affected: 4.8.1 , < 4.8.1.32 (custom)
    Affected: 4.9.0 , < 4.9.0.101 (custom)
    Affected: 4.9.26 , < 4.9.26.19 (custom)
    Affected: 4.9.27 , < 4.9.27.3 (custom)
    Affected: 4.9.28 , < 4.9.28.1 (custom)
    Affected: 4.10.9 , < 4.10.9.69 (custom)
    Affected: 4.10.42 , < 4.10.42.11 (custom)
    Unaffected: 4.9.29 , ≤ 4.9.* (custom)
    Unaffected: 4.10.93 , ≤ * (custom)
    Create a notification for this product.
    Credits
    Noël MACCARY
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5350",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T12:16:39.906160Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T12:16:49.892Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Identity Server",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "5.10.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.10.0.359",
                  "status": "affected",
                  "version": "5.10.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.11.0.415",
                  "status": "affected",
                  "version": "5.11.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.0.0.246",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.1.0.245",
                  "status": "affected",
                  "version": "6.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.0.0.120",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.1.0.27",
                  "status": "affected",
                  "version": "7.1.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Enterprise Integrator",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "6.6.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.6.0.218",
                  "status": "affected",
                  "version": "6.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 API Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "3.1.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.0.332",
                  "status": "affected",
                  "version": "3.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.2.0.428",
                  "status": "affected",
                  "version": "3.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.2.1.47",
                  "status": "affected",
                  "version": "3.2.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.0.0.369",
                  "status": "affected",
                  "version": "4.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.1.0.209",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.2.0.147",
                  "status": "affected",
                  "version": "4.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.3.0.60",
                  "status": "affected",
                  "version": "4.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.4.0.23",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.5.0.7",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Universal Gateway",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.7",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Traffic Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.7",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 API Control Plane",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.7",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Open Banking AM",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.0.0.380",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Open Banking IAM",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.0.0.401",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Identity Server as Key Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "5.10.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.10.0.352",
                  "status": "affected",
                  "version": "5.10.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "packageName": "org.wso2.carbon:org.wso2.carbon.ui",
              "product": "org.wso2.carbon:org.wso2.carbon.ui",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.3.41",
                  "status": "affected",
                  "version": "4.5.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.1087",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.1.151",
                  "status": "affected",
                  "version": "4.6.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.2.672",
                  "status": "affected",
                  "version": "4.6.2",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.3.30",
                  "status": "affected",
                  "version": "4.6.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.4.7",
                  "status": "affected",
                  "version": "4.6.4",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.7.1.70",
                  "status": "affected",
                  "version": "4.7.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.8.1.32",
                  "status": "affected",
                  "version": "4.8.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.0.101",
                  "status": "affected",
                  "version": "4.9.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.26.19",
                  "status": "affected",
                  "version": "4.9.26",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.27.3",
                  "status": "affected",
                  "version": "4.9.27",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.28.1",
                  "status": "affected",
                  "version": "4.9.28",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.9.69",
                  "status": "affected",
                  "version": "4.10.9",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.42.11",
                  "status": "affected",
                  "version": "4.10.42",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.9.*",
                  "status": "unaffected",
                  "version": "4.9.29",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "*",
                  "status": "unaffected",
                  "version": "4.10.93",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "No\u00ebl MACCARY"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user\u0027s browser context.\u003cbr\u003e\u003cbr\u003eBy tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin\u2019s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.\u003cbr\u003e\u003cbr\u003eFurthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product.\u003cbr\u003e"
                }
              ],
              "value": "SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user\u0027s browser context.\n\nBy tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin\u2019s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.\n\nFurthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-24T10:15:53.793Z",
            "orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
            "shortName": "WSO2"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
                }
              ],
              "value": "Follow the instructions given on  https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution"
            }
          ],
          "source": {
            "advisory": "WSO2-2025-4124",
            "discovery": "EXTERNAL"
          },
          "title": "SSRF and Reflected XSS Vulnerability in Deprecated Try-It Feature of Multiple WSO2 Products",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
        "assignerShortName": "WSO2",
        "cveId": "CVE-2025-5350",
        "datePublished": "2025-10-24T10:08:07.719Z",
        "dateReserved": "2025-05-30T06:56:02.711Z",
        "dateUpdated": "2025-10-24T12:16:49.892Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-6670 (GCVE-0-2025-6670)

    Vulnerability from cvelistv5 – Published: 2025-11-18 11:28 – Updated: 2025-11-18 19:12
    VLAI
    Title
    Cross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin Services
    Summary
    A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation, it is ineffective in this context because it allows cookies to be sent with cross-origin top-level navigations using GET requests. A malicious actor can exploit this vulnerability by tricking an authenticated user into visiting a crafted link, leading the browser to issue unintended state-changing requests. Successful exploitation could result in unauthorized operations such as data modification, account changes, or other administrative actions. According to WSO2 Secure Production Guidelines, exposure of Carbon console services to untrusted networks is discouraged, which may reduce the impact in properly secured deployments.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-352 - Cross-Site Request Forgery (CSRF)
    Assigner
    References
    Impacted products
    Vendor Product Version
    WSO2 WSO2 Open Banking AM Unknown: 0 , < 2.0.0 (custom)
    Unaffected: 2.0.0 , < 2.0.0.398 (custom)
    Create a notification for this product.
    WSO2 WSO2 Open Banking IAM Unknown: 0 , < 2.0.0 (custom)
    Unaffected: 2.0.0 , < 2.0.0.418 (custom)
    Create a notification for this product.
    WSO2 WSO2 Traffic Manager Affected: 4.5.0 , < 4.5.0.34 (custom)
    Affected: 4.6.0 , < 4.6.0.1 (custom)
    Create a notification for this product.
    WSO2 WSO2 Universal Gateway Affected: 4.5.0 , < 4.5.0.34 (custom)
    Affected: 4.6.0 , < 4.6.0.1 (custom)
    Create a notification for this product.
    WSO2 WSO2 API Control Plane Affected: 4.5.0 , < 4.5.0.36 (custom)
    Affected: 4.6.0 , < 4.6.0.1 (custom)
    Create a notification for this product.
    WSO2 WSO2 API Manager Unknown: 0 , < 3.1.0 (custom)
    Affected: 3.1.0 , < 3.1.0.349 (custom)
    Affected: 3.2.0 , < 3.2.0.453 (custom)
    Affected: 3.2.1 , < 3.2.1.73 (custom)
    Affected: 4.0.0 , < 4.0.0.373 (custom)
    Affected: 4.1.0 , < 4.1.0.236 (custom)
    Affected: 4.2.0 , < 4.2.0.176 (custom)
    Affected: 4.3.0 , < 4.3.0.88 (custom)
    Affected: 4.4.0 , < 4.4.0.52 (custom)
    Affected: 4.5.0 , < 4.5.0.35 (custom)
    Affected: 4.6.0 , < 4.6.0.1 (custom)
    Create a notification for this product.
    WSO2 WSO2 Identity Server Unknown: 0 , < 5.10.0 (custom)
    Affected: 5.10.0 , < 5.10.0.378 (custom)
    Affected: 5.11.0 , < 5.11.0.425 (custom)
    Affected: 6.0.0 , < 6.0.0.252 (custom)
    Affected: 6.1.0 , < 6.1.0.253 (custom)
    Affected: 7.0.0 , < 7.0.0.130 (custom)
    Affected: 7.1.0 , < 7.1.0.38 (custom)
    Affected: 7.2.0 , < 7.2.0.1 (custom)
    Create a notification for this product.
    WSO2 WSO2 Identity Server as Key Manager Unknown: 0 , < 5.10.0 (custom)
    Affected: 5.10.0 , < 5.10.0.369 (custom)
    Create a notification for this product.
    WSO2 WSO2 Enterprise Integrator Unknown: 0 , < 6.6.0 (custom)
    Affected: 6.6.0 , < 6.6.0.226 (custom)
    Create a notification for this product.
    WSO2 org.wso2.carbon:org.wso2.carbon.ui Affected: 4.5.3 , < 4.5.3.50 (custom)
    Affected: 4.6.0 , < 4.6.0.2253 (custom)
    Affected: 4.6.1 , < 4.6.1.157 (custom)
    Affected: 4.6.2 , < 4.6.2.673 (custom)
    Affected: 4.6.3 , < 4.6.3.41 (custom)
    Affected: 4.6.4 , < 4.6.4.22 (custom)
    Affected: 4.7.1 , < 4.7.1.73 (custom)
    Affected: 4.8.1 , < 4.8.1.43 (custom)
    Affected: 4.9.0 , < 4.9.0.106 (custom)
    Affected: 4.9.26 , < 4.9.26.31 (custom)
    Affected: 4.9.27 , < 4.9.27.16 (custom)
    Affected: 4.9.28 , < 4.9.28.18 (custom)
    Affected: 4.9.33 , < 4.9.33.2 (custom)
    Affected: 4.10.9 , < 4.10.9.75 (custom)
    Affected: 4.10.42 , < 4.10.42.18 (custom)
    Affected: 4.10.101 , < 4.10.101.3 (custom)
    Unaffected: 4.9.29 , ≤ 4.9.29.* (custom)
    Unaffected: 4.10.65 , ≤ 4.10.* (custom)
    Create a notification for this product.
    Credits
    Noël MACCARY
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6670",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-18T19:10:34.187077Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-18T19:12:59.786Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Open Banking AM",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.0.0.398",
                  "status": "unaffected",
                  "version": "2.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Open Banking IAM",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.0.0.418",
                  "status": "unaffected",
                  "version": "2.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Traffic Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.34",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.1",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Universal Gateway",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.34",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.1",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 API Control Plane",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.36",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.1",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 API Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "3.1.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.0.349",
                  "status": "affected",
                  "version": "3.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.2.0.453",
                  "status": "affected",
                  "version": "3.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.2.1.73",
                  "status": "affected",
                  "version": "3.2.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.0.0.373",
                  "status": "affected",
                  "version": "4.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.1.0.236",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.2.0.176",
                  "status": "affected",
                  "version": "4.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.3.0.88",
                  "status": "affected",
                  "version": "4.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.4.0.52",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.5.0.35",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.1",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Identity Server",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "5.10.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.10.0.378",
                  "status": "affected",
                  "version": "5.10.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.11.0.425",
                  "status": "affected",
                  "version": "5.11.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.0.0.252",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.1.0.253",
                  "status": "affected",
                  "version": "6.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.0.0.130",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.1.0.38",
                  "status": "affected",
                  "version": "7.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.2.0.1",
                  "status": "affected",
                  "version": "7.2.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Identity Server as Key Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "5.10.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.10.0.369",
                  "status": "affected",
                  "version": "5.10.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Enterprise Integrator",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "6.6.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.6.0.226",
                  "status": "affected",
                  "version": "6.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "packageName": "org.wso2.carbon:org.wso2.carbon.ui",
              "product": "org.wso2.carbon:org.wso2.carbon.ui",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.3.50",
                  "status": "affected",
                  "version": "4.5.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.2253",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.1.157",
                  "status": "affected",
                  "version": "4.6.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.2.673",
                  "status": "affected",
                  "version": "4.6.2",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.3.41",
                  "status": "affected",
                  "version": "4.6.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.4.22",
                  "status": "affected",
                  "version": "4.6.4",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.7.1.73",
                  "status": "affected",
                  "version": "4.7.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.8.1.43",
                  "status": "affected",
                  "version": "4.8.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.0.106",
                  "status": "affected",
                  "version": "4.9.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.26.31",
                  "status": "affected",
                  "version": "4.9.26",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.27.16",
                  "status": "affected",
                  "version": "4.9.27",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.28.18",
                  "status": "affected",
                  "version": "4.9.28",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.33.2",
                  "status": "affected",
                  "version": "4.9.33",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.9.75",
                  "status": "affected",
                  "version": "4.10.9",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.42.18",
                  "status": "affected",
                  "version": "4.10.42",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.101.3",
                  "status": "affected",
                  "version": "4.10.101",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.9.29.*",
                  "status": "unaffected",
                  "version": "4.9.29",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.10.*",
                  "status": "unaffected",
                  "version": "4.10.65",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "2.0.0.398",
                      "versionStartIncluding": "2.0.0",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "2.0.0.418",
                      "versionStartIncluding": "2.0.0",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.34",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.0.1",
                      "versionStartIncluding": "4.6.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.34",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.0.1",
                      "versionStartIncluding": "4.6.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.36",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.0.1",
                      "versionStartIncluding": "4.6.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.1.0.349",
                      "versionStartIncluding": "3.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.2.0.453",
                      "versionStartIncluding": "3.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.2.1.73",
                      "versionStartIncluding": "3.2.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.0.0.373",
                      "versionStartIncluding": "4.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.1.0.236",
                      "versionStartIncluding": "4.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.2.0.176",
                      "versionStartIncluding": "4.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.3.0.88",
                      "versionStartIncluding": "4.3.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.4.0.52",
                      "versionStartIncluding": "4.4.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.35",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.0.1",
                      "versionStartIncluding": "4.6.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.0.378",
                      "versionStartIncluding": "5.10.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.11.0.425",
                      "versionStartIncluding": "5.11.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.0.0.252",
                      "versionStartIncluding": "6.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.1.0.253",
                      "versionStartIncluding": "6.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.0.0.130",
                      "versionStartIncluding": "7.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.0.38",
                      "versionStartIncluding": "7.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.2.0.1",
                      "versionStartIncluding": "7.2.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.0.369",
                      "versionStartIncluding": "5.10.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.6.0.226",
                      "versionStartIncluding": "6.6.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.3.50",
                      "versionStartIncluding": "4.5.3",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.0.2253",
                      "versionStartIncluding": "4.6.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.1.157",
                      "versionStartIncluding": "4.6.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.2.673",
                      "versionStartIncluding": "4.6.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.3.41",
                      "versionStartIncluding": "4.6.3",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.4.22",
                      "versionStartIncluding": "4.6.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.7.1.73",
                      "versionStartIncluding": "4.7.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.8.1.43",
                      "versionStartIncluding": "4.8.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.0.106",
                      "versionStartIncluding": "4.9.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.26.31",
                      "versionStartIncluding": "4.9.26",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.27.16",
                      "versionStartIncluding": "4.9.27",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.28.18",
                      "versionStartIncluding": "4.9.28",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.33.2",
                      "versionStartIncluding": "4.9.33",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.10.9.75",
                      "versionStartIncluding": "4.10.9",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.10.42.18",
                      "versionStartIncluding": "4.10.42",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.10.101.3",
                      "versionStartIncluding": "4.10.101",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "4.9.29.*",
                      "versionStartIncluding": "4.9.29",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "4.10.*",
                      "versionStartIncluding": "4.10.65",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "No\u00ebl MACCARY"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation, it is ineffective in this context because it allows cookies to be sent with cross-origin top-level navigations using GET requests.\u003cbr\u003e\u003cbr\u003eA malicious actor can exploit this vulnerability by tricking an authenticated user into visiting a crafted link, leading the browser to issue unintended state-changing requests. Successful exploitation could result in unauthorized operations such as data modification, account changes, or other administrative actions. According to WSO2 Secure Production Guidelines, exposure of Carbon console services to untrusted networks is discouraged, which may reduce the impact in properly secured deployments."
                }
              ],
              "value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in multiple WSO2 products due to the use of the HTTP GET method for state-changing operations within admin services, specifically in the event processor of the Carbon console. Although the SameSite=Lax cookie attribute is used as a mitigation, it is ineffective in this context because it allows cookies to be sent with cross-origin top-level navigations using GET requests.\n\nA malicious actor can exploit this vulnerability by tricking an authenticated user into visiting a crafted link, leading the browser to issue unintended state-changing requests. Successful exploitation could result in unauthorized operations such as data modification, account changes, or other administrative actions. According to WSO2 Secure Production Guidelines, exposure of Carbon console services to untrusted networks is discouraged, which may reduce the impact in properly secured deployments."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-18T11:28:37.410Z",
            "orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
            "shortName": "WSO2"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4117/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4117/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4117/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
                }
              ],
              "value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4117/#solution"
            }
          ],
          "source": {
            "advisory": "WSO2-2025-4117",
            "discovery": "EXTERNAL"
          },
          "title": "Cross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin Services",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
        "assignerShortName": "WSO2",
        "cveId": "CVE-2025-6670",
        "datePublished": "2025-11-18T11:28:37.410Z",
        "dateReserved": "2025-06-25T15:24:36.239Z",
        "dateUpdated": "2025-11-18T19:12:59.786Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-5605 (GCVE-0-2025-5605)

    Vulnerability from cvelistv5 – Published: 2025-10-24 10:09 – Updated: 2025-10-24 11:44
    Title
    Authentication Bypass via URI Manipulation in Multiple WSO2 Products' Management Console Leading to Partial Information Disclosure
    Summary
    An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure. The known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-290 - Authentication Bypass by Spoofing
    Assigner
    References
    Impacted products
    Vendor Product Version
    WSO2 WSO2 Identity Server Unknown: 0 , < 5.10.0 (custom)
    Affected: 5.10.0 , < 5.10.0.361 (custom)
    Affected: 5.11.0 , < 5.11.0.414 (custom)
    Affected: 6.0.0 , < 6.0.0.245 (custom)
    Affected: 6.1.0 , < 6.1.0.244 (custom)
    Affected: 7.0.0 , < 7.0.0.119 (custom)
    Affected: 7.1.0 , < 7.1.0.25 (custom)
    Create a notification for this product.
    WSO2 WSO2 Enterprise Integrator Unknown: 0 , < 6.6.0 (custom)
    Affected: 6.6.0 , < 6.6.0.217 (custom)
    Create a notification for this product.
    WSO2 WSO2 Universal Gateway Affected: 4.5.0 , < 4.5.0.10 (custom)
    Create a notification for this product.
    WSO2 WSO2 Traffic Manager Affected: 4.5.0 , < 4.5.0.10 (custom)
    Create a notification for this product.
    WSO2 WSO2 API Manager Unknown: 0 , < 3.1.0 (custom)
    Affected: 3.1.0 , < 3.1.0.334 (custom)
    Affected: 3.2.0 , < 3.2.0.430 (custom)
    Affected: 3.2.1 , < 3.2.1.48 (custom)
    Affected: 4.0.0 , < 4.0.0.346 (custom)
    Affected: 4.1.0 , < 4.1.0.210 (custom)
    Affected: 4.2.0 , < 4.2.0.148 (custom)
    Affected: 4.3.0 , < 4.3.0.61 (custom)
    Affected: 4.4.0 , < 4.4.0.24 (custom)
    Affected: 4.5.0 , < 4.5.0.10 (custom)
    Create a notification for this product.
    WSO2 WSO2 API Control Plane Affected: 4.5.0 , < 4.5.0.11 (custom)
    Create a notification for this product.
    WSO2 WSO2 Identity Server as Key Manager Unknown: 0 , < 5.10.0 (custom)
    Affected: 5.10.0 , < 5.10.0.354 (custom)
    Create a notification for this product.
    WSO2 WSO2 Open Banking AM Unknown: 0 , < 2.0.0 (custom)
    Affected: 2.0.0 , < 2.0.0.382 (custom)
    Create a notification for this product.
    WSO2 WSO2 Open Banking IAM Unknown: 0 , < 2.0.0 (custom)
    Affected: 2.0.0 , < 2.0.0.403 (custom)
    Create a notification for this product.
    WSO2 org.wso2.carbon:org.wso2.carbon.ui Affected: 4.5.3 , < 4.5.3.40 (custom)
    Affected: 4.6.0 , < 4.6.0.1224 (custom)
    Affected: 4.6.1 , < 4.6.1.150 (custom)
    Affected: 4.6.2 , < 4.6.2.664 (custom)
    Affected: 4.6.3 , < 4.6.3.32 (custom)
    Affected: 4.6.4 , < 4.6.4.8 (custom)
    Affected: 4.7.1 , < 4.7.1.69 (custom)
    Affected: 4.8.1 , < 4.8.1.33 (custom)
    Affected: 4.9.0 , < 4.9.0.100 (custom)
    Affected: 4.9.26 , < 4.9.26.20 (custom)
    Affected: 4.9.27 , < 4.9.27.4 (custom)
    Affected: 4.9.28 , < 4.9.28.4 (custom)
    Affected: 4.10.9 , < 4.10.9.68 (custom)
    Affected: 4.10.42 , < 4.10.42.10 (custom)
    Unaffected: 4.9.29 , ≤ 4.9.* (custom)
    Unaffected: 4.10.90 , ≤ * (custom)
    Create a notification for this product.
    Credits
    Noël Maccary
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5605",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T11:44:00.454638Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-290",
                    "description": "CWE-290 Authentication Bypass by Spoofing",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T11:44:58.987Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Identity Server",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "5.10.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.10.0.361",
                  "status": "affected",
                  "version": "5.10.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.11.0.414",
                  "status": "affected",
                  "version": "5.11.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.0.0.245",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.1.0.244",
                  "status": "affected",
                  "version": "6.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.0.0.119",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.1.0.25",
                  "status": "affected",
                  "version": "7.1.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Enterprise Integrator",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "6.6.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.6.0.217",
                  "status": "affected",
                  "version": "6.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Universal Gateway",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.10",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Traffic Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.10",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 API Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "3.1.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.0.334",
                  "status": "affected",
                  "version": "3.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.2.0.430",
                  "status": "affected",
                  "version": "3.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.2.1.48",
                  "status": "affected",
                  "version": "3.2.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.0.0.346",
                  "status": "affected",
                  "version": "4.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.1.0.210",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.2.0.148",
                  "status": "affected",
                  "version": "4.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.3.0.61",
                  "status": "affected",
                  "version": "4.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.4.0.24",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.5.0.10",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 API Control Plane",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.11",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Identity Server as Key Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "5.10.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.10.0.354",
                  "status": "affected",
                  "version": "5.10.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Open Banking AM",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.0.0.382",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Open Banking IAM",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.0.0.403",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "packageName": "org.wso2.carbon:org.wso2.carbon.ui",
              "product": "org.wso2.carbon:org.wso2.carbon.ui",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.3.40",
                  "status": "affected",
                  "version": "4.5.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.1224",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.1.150",
                  "status": "affected",
                  "version": "4.6.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.2.664",
                  "status": "affected",
                  "version": "4.6.2",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.3.32",
                  "status": "affected",
                  "version": "4.6.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.4.8",
                  "status": "affected",
                  "version": "4.6.4",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.7.1.69",
                  "status": "affected",
                  "version": "4.7.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.8.1.33",
                  "status": "affected",
                  "version": "4.8.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.0.100",
                  "status": "affected",
                  "version": "4.9.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.26.20",
                  "status": "affected",
                  "version": "4.9.26",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.27.4",
                  "status": "affected",
                  "version": "4.9.27",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.28.4",
                  "status": "affected",
                  "version": "4.9.28",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.9.68",
                  "status": "affected",
                  "version": "4.10.9",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.42.10",
                  "status": "affected",
                  "version": "4.10.42",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.9.*",
                  "status": "unaffected",
                  "version": "4.9.29",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "*",
                  "status": "unaffected",
                  "version": "4.10.90",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.0.361",
                      "versionStartIncluding": "5.10.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.11.0.414",
                      "versionStartIncluding": "5.11.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.0.0.245",
                      "versionStartIncluding": "6.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.1.0.244",
                      "versionStartIncluding": "6.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.0.0.119",
                      "versionStartIncluding": "7.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "7.1.0.25",
                      "versionStartIncluding": "7.1.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_enterprise_integrator:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "6.6.0.217",
                      "versionStartIncluding": "6.6.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_universal_gateway:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.10",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_traffic_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.10",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.1.0.334",
                      "versionStartIncluding": "3.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.2.0.430",
                      "versionStartIncluding": "3.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.2.1.48",
                      "versionStartIncluding": "3.2.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.0.0.346",
                      "versionStartIncluding": "4.0.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.1.0.210",
                      "versionStartIncluding": "4.1.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.2.0.148",
                      "versionStartIncluding": "4.2.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.3.0.61",
                      "versionStartIncluding": "4.3.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.4.0.24",
                      "versionStartIncluding": "4.4.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.10",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_api_control_plane:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.0.11",
                      "versionStartIncluding": "4.5.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_identity_server_as_key_manager:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "5.10.0.354",
                      "versionStartIncluding": "5.10.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_open_banking_am:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "2.0.0.382",
                      "versionStartIncluding": "2.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:wso2_open_banking_iam:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "2.0.0.403",
                      "versionStartIncluding": "2.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.5.3.40",
                      "versionStartIncluding": "4.5.3",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.0.1224",
                      "versionStartIncluding": "4.6.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.1.150",
                      "versionStartIncluding": "4.6.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.2.664",
                      "versionStartIncluding": "4.6.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.3.32",
                      "versionStartIncluding": "4.6.3",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.6.4.8",
                      "versionStartIncluding": "4.6.4",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.7.1.69",
                      "versionStartIncluding": "4.7.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.8.1.33",
                      "versionStartIncluding": "4.8.1",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.0.100",
                      "versionStartIncluding": "4.9.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.26.20",
                      "versionStartIncluding": "4.9.26",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.27.4",
                      "versionStartIncluding": "4.9.27",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.9.28.4",
                      "versionStartIncluding": "4.9.28",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.10.9.68",
                      "versionStartIncluding": "4.10.9",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "4.10.42.10",
                      "versionStartIncluding": "4.10.42",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "4.9.*",
                      "versionStartIncluding": "4.9.29",
                      "vulnerable": false
                    },
                    {
                      "criteria": "cpe:2.3:a:wso2:org.wso2.carbon_org.wso2.carbon.ui:*:*:*:*:*:*:*:*",
                      "versionEndIncluding": "*",
                      "versionStartIncluding": "4.10.90",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "No\u00ebl Maccary"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.\u003cbr\u003e\u003cbr\u003eThe known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.\u003cbr\u003e"
                }
              ],
              "value": "An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure.\n\nThe known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-24T10:17:47.415Z",
            "orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
            "shortName": "WSO2"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
                }
              ],
              "value": "Follow the instructions given on  https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/#solution"
            }
          ],
          "source": {
            "advisory": "WSO2-2025-4115",
            "discovery": "EXTERNAL"
          },
          "title": "Authentication Bypass via URI Manipulation in Multiple WSO2 Products\u0027 Management Console Leading to Partial Information Disclosure",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
        "assignerShortName": "WSO2",
        "cveId": "CVE-2025-5605",
        "datePublished": "2025-10-24T10:09:59.591Z",
        "dateReserved": "2025-06-04T10:51:11.459Z",
        "dateUpdated": "2025-10-24T11:44:58.987Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-5350 (GCVE-0-2025-5350)

    Vulnerability from cvelistv5 – Published: 2025-10-24 10:08 – Updated: 2025-10-24 12:16
    VLAI
    Title
    SSRF and Reflected XSS Vulnerability in Deprecated Try-It Feature of Multiple WSO2 Products
    Summary
    SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user's browser context. By tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin’s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk. Furthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    WSO2 WSO2 Identity Server Unknown: 0 , < 5.10.0 (custom)
    Affected: 5.10.0 , < 5.10.0.359 (custom)
    Affected: 5.11.0 , < 5.11.0.415 (custom)
    Affected: 6.0.0 , < 6.0.0.246 (custom)
    Affected: 6.1.0 , < 6.1.0.245 (custom)
    Affected: 7.0.0 , < 7.0.0.120 (custom)
    Affected: 7.1.0 , < 7.1.0.27 (custom)
    Create a notification for this product.
    WSO2 WSO2 Enterprise Integrator Unknown: 0 , < 6.6.0 (custom)
    Affected: 6.6.0 , < 6.6.0.218 (custom)
    Create a notification for this product.
    WSO2 WSO2 API Manager Unknown: 0 , < 3.1.0 (custom)
    Affected: 3.1.0 , < 3.1.0.332 (custom)
    Affected: 3.2.0 , < 3.2.0.428 (custom)
    Affected: 3.2.1 , < 3.2.1.47 (custom)
    Affected: 4.0.0 , < 4.0.0.369 (custom)
    Affected: 4.1.0 , < 4.1.0.209 (custom)
    Affected: 4.2.0 , < 4.2.0.147 (custom)
    Affected: 4.3.0 , < 4.3.0.60 (custom)
    Affected: 4.4.0 , < 4.4.0.23 (custom)
    Affected: 4.5.0 , < 4.5.0.7 (custom)
    Create a notification for this product.
    WSO2 WSO2 Universal Gateway Affected: 4.5.0 , < 4.5.0.7 (custom)
    Create a notification for this product.
    WSO2 WSO2 Traffic Manager Affected: 4.5.0 , < 4.5.0.7 (custom)
    Create a notification for this product.
    WSO2 WSO2 API Control Plane Affected: 4.5.0 , < 4.5.0.7 (custom)
    Create a notification for this product.
    WSO2 WSO2 Open Banking AM Unknown: 0 , < 2.0.0 (custom)
    Affected: 2.0.0 , < 2.0.0.380 (custom)
    Create a notification for this product.
    WSO2 WSO2 Open Banking IAM Unknown: 0 , < 2.0.0 (custom)
    Affected: 2.0.0 , < 2.0.0.401 (custom)
    Create a notification for this product.
    WSO2 WSO2 Identity Server as Key Manager Unknown: 0 , < 5.10.0 (custom)
    Affected: 5.10.0 , < 5.10.0.352 (custom)
    Create a notification for this product.
    WSO2 org.wso2.carbon:org.wso2.carbon.ui Affected: 4.5.3 , < 4.5.3.41 (custom)
    Affected: 4.6.0 , < 4.6.0.1087 (custom)
    Affected: 4.6.1 , < 4.6.1.151 (custom)
    Affected: 4.6.2 , < 4.6.2.672 (custom)
    Affected: 4.6.3 , < 4.6.3.30 (custom)
    Affected: 4.6.4 , < 4.6.4.7 (custom)
    Affected: 4.7.1 , < 4.7.1.70 (custom)
    Affected: 4.8.1 , < 4.8.1.32 (custom)
    Affected: 4.9.0 , < 4.9.0.101 (custom)
    Affected: 4.9.26 , < 4.9.26.19 (custom)
    Affected: 4.9.27 , < 4.9.27.3 (custom)
    Affected: 4.9.28 , < 4.9.28.1 (custom)
    Affected: 4.10.9 , < 4.10.9.69 (custom)
    Affected: 4.10.42 , < 4.10.42.11 (custom)
    Unaffected: 4.9.29 , ≤ 4.9.* (custom)
    Unaffected: 4.10.93 , ≤ * (custom)
    Create a notification for this product.
    Credits
    Noël MACCARY
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5350",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-24T12:16:39.906160Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-24T12:16:49.892Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Identity Server",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "5.10.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.10.0.359",
                  "status": "affected",
                  "version": "5.10.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.11.0.415",
                  "status": "affected",
                  "version": "5.11.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.0.0.246",
                  "status": "affected",
                  "version": "6.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.1.0.245",
                  "status": "affected",
                  "version": "6.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.0.0.120",
                  "status": "affected",
                  "version": "7.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "7.1.0.27",
                  "status": "affected",
                  "version": "7.1.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Enterprise Integrator",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "6.6.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "6.6.0.218",
                  "status": "affected",
                  "version": "6.6.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 API Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "3.1.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.1.0.332",
                  "status": "affected",
                  "version": "3.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.2.0.428",
                  "status": "affected",
                  "version": "3.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "3.2.1.47",
                  "status": "affected",
                  "version": "3.2.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.0.0.369",
                  "status": "affected",
                  "version": "4.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.1.0.209",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.2.0.147",
                  "status": "affected",
                  "version": "4.2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.3.0.60",
                  "status": "affected",
                  "version": "4.3.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.4.0.23",
                  "status": "affected",
                  "version": "4.4.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.5.0.7",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Universal Gateway",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.7",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Traffic Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.7",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 API Control Plane",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.0.7",
                  "status": "affected",
                  "version": "4.5.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Open Banking AM",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.0.0.380",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Open Banking IAM",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "2.0.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.0.0.401",
                  "status": "affected",
                  "version": "2.0.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "WSO2 Identity Server as Key Manager",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "5.10.0",
                  "status": "unknown",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "5.10.0.352",
                  "status": "affected",
                  "version": "5.10.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "packageName": "org.wso2.carbon:org.wso2.carbon.ui",
              "product": "org.wso2.carbon:org.wso2.carbon.ui",
              "vendor": "WSO2",
              "versions": [
                {
                  "lessThan": "4.5.3.41",
                  "status": "affected",
                  "version": "4.5.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.0.1087",
                  "status": "affected",
                  "version": "4.6.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.1.151",
                  "status": "affected",
                  "version": "4.6.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.2.672",
                  "status": "affected",
                  "version": "4.6.2",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.3.30",
                  "status": "affected",
                  "version": "4.6.3",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.6.4.7",
                  "status": "affected",
                  "version": "4.6.4",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.7.1.70",
                  "status": "affected",
                  "version": "4.7.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.8.1.32",
                  "status": "affected",
                  "version": "4.8.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.0.101",
                  "status": "affected",
                  "version": "4.9.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.26.19",
                  "status": "affected",
                  "version": "4.9.26",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.27.3",
                  "status": "affected",
                  "version": "4.9.27",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.9.28.1",
                  "status": "affected",
                  "version": "4.9.28",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.9.69",
                  "status": "affected",
                  "version": "4.10.9",
                  "versionType": "custom"
                },
                {
                  "lessThan": "4.10.42.11",
                  "status": "affected",
                  "version": "4.10.42",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "4.9.*",
                  "status": "unaffected",
                  "version": "4.9.29",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "*",
                  "status": "unaffected",
                  "version": "4.10.93",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "No\u00ebl MACCARY"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user\u0027s browser context.\u003cbr\u003e\u003cbr\u003eBy tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin\u2019s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.\u003cbr\u003e\u003cbr\u003eFurthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product.\u003cbr\u003e"
                }
              ],
              "value": "SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user\u0027s browser context.\n\nBy tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin\u2019s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.\n\nFurthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-24T10:15:53.793Z",
            "orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
            "shortName": "WSO2"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: transparent;\"\u003eFollow the instructions given on \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution\u003c/span\u003e\u003c/a\u003e \u003cbr\u003e"
                }
              ],
              "value": "Follow the instructions given on  https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/#solution"
            }
          ],
          "source": {
            "advisory": "WSO2-2025-4124",
            "discovery": "EXTERNAL"
          },
          "title": "SSRF and Reflected XSS Vulnerability in Deprecated Try-It Feature of Multiple WSO2 Products",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8",
        "assignerShortName": "WSO2",
        "cveId": "CVE-2025-5350",
        "datePublished": "2025-10-24T10:08:07.719Z",
        "dateReserved": "2025-05-30T06:56:02.711Z",
        "dateUpdated": "2025-10-24T12:16:49.892Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }