VYPR

Maven package

org.wso2.carbon.identity.framework/org.wso2.carbon.identity.user.store.configuration.ui

pkg:maven/org.wso2.carbon.identity.framework/org.wso2.carbon.identity.user.store.configuration.ui

Vulnerabilities (1)

  • CVE-2024-8008Jun 2, 2025
    affected < 7.5.12fixed 7.5.12

    A reflected cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to insufficient output encoding in error messages generated by the JDBC user store connection validation request. A malicious actor can inject a specially crafted payload into the request, c