VYPR

Maven package

org.wso2.carbon.apimgt/org.wso2.carbon.apimgt.api

pkg:maven/org.wso2.carbon.apimgt/org.wso2.carbon.apimgt.api

Vulnerabilities (1)

  • CVE-2025-4760Sep 23, 2025
    affected < 9.31.117fixed 9.31.117

    An authenticated stored cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to improper validation of user-supplied input during API document upload in the Publisher portal. A user with publisher privileges can upload a crafted API document containing ma