{"id":7811,"date":"2019-07-06T20:30:06","date_gmt":"2019-07-07T03:30:06","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=zerodays&p=7811"},"modified":"2023-02-06T10:28:24","modified_gmt":"2023-02-06T17:28:24","slug":"cve-2019-20440-wso2","status":"publish","type":"zerodays","link":"https:\/\/webdev.securin.xyz\/zerodays\/cve-2019-20440-wso2\/","title":{"rendered":"CVE-2019-20440 – Multiple Reflected Cross-site Scripting in WSO2"},"content":{"rendered":"

Multiple Reflected Cross-Site Scripting (XSS) vulnerability exists in WSO2 API Manager Product 2.6.0 in the update API documentation feature of the API Publisher. A reflected cross-site script (XSS) vulnerability allows an attacker to inject malicious code into the application. An input variable vulnerable to reflected XSS is ‘docName,’ ‘version’ and ‘apiName’ in the APIs page.<\/p>\n","protected":false},"featured_media":7776,"parent":0,"menu_order":0,"template":"","vulnerability_categories":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays\/7811"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/zerodays"}],"version-history":[{"count":5,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays\/7811\/revisions"}],"predecessor-version":[{"id":13651,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/zerodays\/7811\/revisions\/13651"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/7776"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=7811"}],"wp:term":[{"taxonomy":"vulnerability_categories","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/vulnerability_categories?post=7811"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}