Arbitrary File Upload Vulnerability in WSO2 API Manager 2.6.0

Arbitrary File Upload Vulnerability in WSO2 API Manager 2.6.0

CVE-2019-6513 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:P

An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one.

Learn more about our Api Penetration Testing.