Reflected Cross-Site Scripting (XSS) Vulnerability in WSO2 Identity Server and Key Manager Management Console Basic Policy Editor

Reflected Cross-Site Scripting (XSS) Vulnerability in WSO2 Identity Server and Key Manager Management Console Basic Policy Editor

CVE-2020-14445 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

An issue was discovered in WSO2 Identity Server through 5.9.0 and WSO2 IS as Key Manager through 5.9.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Management Console Basic Policy Editor user Interface.

Learn more about our Cis Benchmark Audit For Server Software.