Maven package
org.wso2.carbon.registry/carbon-registry
pkg:maven/org.wso2.carbon.registry/carbon-registry
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-6911 | — | < 4.7.37 | 4.7.37 | Dec 18, 2023 | Multiple WSO2 products have been identified as vulnerable due to improper output encoding, a Stored Cross Site Scripting (XSS) attack can be carried out by an attacker injecting a malicious payload into the Registry feature of the Management Console. | ||
| CVE-2022-4521 | — | < 4.8.7 | 4.8.7 | Dec 15, 2022 | A vulnerability classified as problematic has been found in WSO2 carbon-registry up to 4.8.6. This affects an unknown part of the component Request Parameter Handler. The manipulation of the argument parentPath/path/username/path/profile_menu leads to cross site scripting. It is | ||
| CVE-2022-4520 | — | < 4.8.12 | 4.8.12 | Dec 15, 2022 | A vulnerability was found in WSO2 carbon-registry up to 4.8.11. It has been rated as problematic. Affected by this issue is some unknown functionality of the file components/registry/org.wso2.carbon.registry.search.ui/src/main/resources/web/search/advancedSearchForm-ajaxprocessor |
- CVE-2023-6911Dec 18, 2023affected < 4.7.37fixed 4.7.37
Multiple WSO2 products have been identified as vulnerable due to improper output encoding, a Stored Cross Site Scripting (XSS) attack can be carried out by an attacker injecting a malicious payload into the Registry feature of the Management Console.
- CVE-2022-4521Dec 15, 2022affected < 4.8.7fixed 4.8.7
A vulnerability classified as problematic has been found in WSO2 carbon-registry up to 4.8.6. This affects an unknown part of the component Request Parameter Handler. The manipulation of the argument parentPath/path/username/path/profile_menu leads to cross site scripting. It is
- CVE-2022-4520Dec 15, 2022affected < 4.8.12fixed 4.8.12
A vulnerability was found in WSO2 carbon-registry up to 4.8.11. It has been rated as problematic. Affected by this issue is some unknown functionality of the file components/registry/org.wso2.carbon.registry.search.ui/src/main/resources/web/search/advancedSearchForm-ajaxprocessor