CVSS: 8.5EPSS: 0%CPEs: 26EXPL: 0CVE-2023-6837
https://notcve.org/view.php?id=CVE-2023-6837
Multiple WSO2 products have been identified as vulnerable to perform user impersonatoin using JIT provisioning. In order for this vulnerability to have any impact on your deployment, following conditions must be met: * An IDP configured for federated authentication and JIT provisioning enabled with the "Prompt for username, password and consent" option. * A service provider that uses the above IDP for federated authentication and has the "Assert identity using mapped local subject identifier" flag enabled. Attacker should have: * A fresh valid user account in the federated IDP that has not been used earlier. * Knowledge of the username of a valid user in the local IDP. When all preconditions are met, a malicious actor could use JIT provisioning flow to perform user impersonation. Se han identificado varios productos WSO2 como vulnerables para realizar suplantaciones de usuarios mediante el aprovisionamiento JIT. Para que esta vulnerabilidad tenga algún impacto en su implementación, se deben cumplir las siguientes condiciones: * Un IDP configurado para autenticación federada y aprovisionamiento JIT habilitado con la opción "Solicitar nombre de usuario, contraseña y consentimiento". * Un proveedor de servicios que utiliza el IDP anterior para la autenticación federada y tiene habilitada la opción "Afirmar identidad utilizando un identificador de sujeto local asignado". El atacante debe tener: * Una cuenta de usuario nueva y válida en el IDP federado que no se haya utilizado anteriormente. * Conocimiento del nombre de usuario de un usuario válido en el IDP local. • https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2022/WSO2-2021-1573 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4520 – WSO2 carbon-registry Advanced Search advancedSearchForm-ajaxprocessor.jsp cross site scripting
https://notcve.org/view.php?id=CVE-2022-4520
A vulnerability was found in WSO2 carbon-registry up to 4.8.11. It has been rated as problematic. Affected by this issue is some unknown functionality of the file components/registry/org.wso2.carbon.registry.search.ui/src/main/resources/web/search/advancedSearchForm-ajaxprocessor.jsp of the component Advanced Search. The manipulation of the argument mediaType/rightOp/leftOp/rightPropertyValue/leftPropertyValue leads to cross site scripting. The attack may be launched remotely. • https://github.com/wso2/carbon-registry/commit/0c827cc1b14b82d8eb86117ab2e43c34bb91ddb4 https://github.com/wso2/carbon-registry/pull/404 https://github.com/wso2/carbon-registry/releases/tag/v4.8.12 https://vuldb.com/?id.215900 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-707: Improper Neutralization •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-4521 – WSO2 carbon-registry Request Parameter cross site scripting
https://notcve.org/view.php?id=CVE-2022-4521
A vulnerability classified as problematic has been found in WSO2 carbon-registry up to 4.8.6. This affects an unknown part of the component Request Parameter Handler. The manipulation of the argument parentPath/path/username/path/profile_menu leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 4.8.7 is able to address this issue. • https://github.com/wso2/carbon-registry/commit/9f967abfde9317bee2cda469dbc09b57d539f2cc https://github.com/wso2/carbon-registry/pull/399 https://github.com/wso2/carbon-registry/releases/tag/v4.8.7 https://vuldb.com/?id.215901 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.7EPSS: 1%CPEs: 1EXPL: 3CVE-2016-4315 – WSO2 Carbon 4.4.5 - Denial of Service / Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2016-4315
Cross-site request forgery (CSRF) vulnerability in WSO2 Carbon 4.4.5 allows remote attackers to hijack the authentication of privileged users for requests that shutdown a server via a shutdown action to server-admin/proxy_ajaxprocessor.jsp. Vulnerabilidad de CSRF en WSO2 Carbon 4.4.5 permite a atacantes remotos secuestrar la autenticación de usuarios privilegiados para solicitudes que apagan un servidor a través de una acción de cierre de server-admin/proxy_ajaxprocessor.jsp. WSO2 Carbon version 4.4.5 suffers from a cross site request forgery vulnerability that can trigger a denial of service condition. • https://www.exploit-db.com/exploits/40242 http://hyp3rlinx.altervista.org/advisories/WSO2-CARBON-v4.4.5-CSRF-DOS.txt http://packetstormsecurity.com/files/138332/WSO2-Carbon-4.4.5-Cross-Site-Request-Forgery-Denial-Of-Service.html http://www.securityfocus.com/archive/1/539202/100/0/threaded http://www.securityfocus.com/bid/92473 https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2016-0101 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 3CVE-2016-4316 – WSO2 Carbon 4.4.5 - Persistent Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2016-4316
Multiple cross-site scripting (XSS) vulnerabilities in WSO2 Carbon 4.4.5 allow remote attackers to inject arbitrary web script or HTML via the (1) setName parameter to identity-mgt/challenges-mgt.jsp; the (2) webappType or (3) httpPort parameter to webapp-list/webapp_info.jsp; the (4) dsName or (5) description parameter to ndatasource/newdatasource.jsp; the (6) phase parameter to viewflows/handlers.jsp; or the (7) url parameter to ndatasource/validateconnection-ajaxprocessor.jsp. Múltiples vulnerabilidades de XSS en WSO2 Carbon 4.4.5 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro (1) setName a identity-mgt/challenges-mgt.jsp; el parámetro (2) webappType o (3) httpPort para webapp-list/webapp_info.jsp; el parámetro (4) dsName o (5) description para ndatasource/newdatasource.jsp; el parámetro (6) phase para viewflows/handlers.jsp; o el parámetro (7) url para ndatasource/validateconnection-ajaxprocessor.jsp. WSO2 Carbon version 4.4.5 suffers from multiple cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/40241 http://hyp3rlinx.altervista.org/advisories/WSO2-CARBON-v4.4.5-PERSISTENT-XSS-COOKIE-THEFT.txt http://packetstormsecurity.com/files/138331/WSO2-Carbon-4.4.5-Cross-Site-Scripting.html http://www.securityfocus.com/archive/1/539201/100/0/threaded http://www.securityfocus.com/bid/92473 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •