Maven package
org.wso2.carbon.apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1
pkg:maven/org.wso2.carbon.apimgt/org.wso2.carbon.apimgt.rest.api.publisher.v1
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-4760 | — | < 9.31.117 | 9.31.117 | Sep 23, 2025 | An authenticated stored cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to improper validation of user-supplied input during API document upload in the Publisher portal. A user with publisher privileges can upload a crafted API document containing ma |
- CVE-2025-4760Sep 23, 2025affected < 9.31.117fixed 9.31.117
An authenticated stored cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to improper validation of user-supplied input during API document upload in the Publisher portal. A user with publisher privileges can upload a crafted API document containing ma