XML External Entity (XXE) Vulnerability in WSO2 API Manager, API Microgateway, and IS Key Manager
CVE-2020-13883 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, and WSO2 IS as Key Manager 5.9.0 and earlier, Management Console allows XXE during addition or update of a Lifecycle.
Learn more about our Api Penetration Testing.