7:["$","div",null,{"suppressHydrationWarning":true,"className":"max-w-screen overflow-hidden bg-asmPageTopBG bg-repeat-space bg-cover","children":["$","$L15",null,{"blok":{"_uid":"cb152be4-417a-4aef-9712-8494a3155411","body":[{"_uid":"4edbefe1-ae1d-43b7-8adc-d16a6e03346e","component":"global_header","reference":[{"name":"Navigation","created_at":"2025-12-12T21:23:00.099Z","published_at":"2025-12-10T18:12:48.651Z","updated_at":"2025-12-12T21:23:00.099Z","id":122408878506357,"uuid":"a01aed2a-fcd9-445e-ba4f-1e207f311d2b","content":{"_uid":"888f9d58-d099-4867-a1db-115cd704c6d4","global":[{"Nav":[{"_uid":"ba481eb4-d534-400f-b77a-aa26ad4718d2","name":"Products","title":"All Products","Navitems":[{"url":{"id":"5ba4d0b3-4dad-41b8-bbc3-6b1183a20287","url":"","linktype":"story","fieldtype":"multilink","cached_url":"attack-surface-management"},"_uid":"9960bd3d-1982-4572-a3bb-75cb0886b040","icon":{"id":21241298,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/70x70/a88052a5e6/asm.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Attack Surface Management","subtitle":"Get a hacker’s view of your known & unknown assets and exposures.","component":"Headernavitem","_editable":""},{"url":{"id":"14293fda-cbfc-4292-889b-ac1fe826e69d","url":"","linktype":"story","fieldtype":"multilink","cached_url":"vulnerability-intelligence"},"_uid":"8700128b-0f30-4730-8a02-e8fb31f3527b","icon":{"id":21241294,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/70x70/7c5a26d895/vi.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Vulnerability Intelligence","subtitle":"Cybersecurity strategy with timely, contextual, & predictive insights.","component":"Headernavitem","_editable":""}],"component":"Navigation","_editable":""},{"_uid":"cbaff37c-0c5e-457a-a014-64e2a1a1579d","name":"Solutions","title":"All Solutions","Navitems":[{"url":{"id":"1fe67f71-dca0-4ae7-8086-45424812c7c2","url":"","linktype":"story","fieldtype":"multilink","cached_url":"vulnerability-management"},"_uid":"554e3dd3-c9f2-41ac-96f3-a4cfc227ecd5","icon":{"id":21241299,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/70x70/e7370ee665/vm.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Vulnerability Management","subtitle":"Manage evolving risks with continuous threat analysis.","component":"Headernavitem","_editable":""},{"url":{"id":"9385496e-0e96-409c-a551-1be788461163","url":"","linktype":"story","fieldtype":"multilink","cached_url":"penetration-testing"},"_uid":"33edd474-13a7-4ce7-b86b-caa079bdf644","icon":{"id":21323606,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/70x70/12dc098b21/pentest-1.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Penetration Testing","subtitle":"Test your defenses before an attacker exploits them.","component":"Headernavitem","_editable":""}],"component":"Navigation","_editable":""},{"_uid":"bc900e69-950c-40fb-91af-9d4742d9f48e","name":"Use Cases","title":"All Use Cases","Navitems":[{"url":{"id":"0aaf2b18-9d31-4dce-937b-3dbb24b44e5a","url":"","linktype":"story","fieldtype":"multilink","cached_url":"continous-attack-surface-reduction"},"_uid":"e3765180-6f96-40eb-9f64-215b33de28db","icon":{"id":21241305,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/70x70/834a67323c/casr.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Continuous Attack Surface Reduction","subtitle":"Continuous visibility into your attack surface for proactive mitigation.","component":"Headernavitem","_editable":""},{"url":{"id":"17c33595-9ad4-45cf-aa34-1d759f00f4d8","url":"","linktype":"story","fieldtype":"multilink","cached_url":"assets-with-known-ransomware-exploitable-vulnerabilities"},"_uid":"f8a18872-047e-4ae1-91ce-e54afb29b485","icon":{"id":21448618,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/140x140/4a5cbbbb3f/assets.png","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Assets with Known Ransomware & Exploitable Vulnerabilities","subtitle":"Discover if you are exposed to known ransomware vulnerabilities or not.","component":"Headernavitem","_editable":""},{"url":{"id":"59a08f71-0be4-46cf-9b61-af87e90775de","url":"","linktype":"story","fieldtype":"multilink","cached_url":"network-application-vulnerability-management"},"_uid":"68ad5556-028e-42c4-8c40-5278f33da543","icon":{"id":21241295,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/70x70/0fcbc28b9d/navm.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Network & Application Vulnerability Management","subtitle":"We scan, detect, analyze, & prioritize vulnerabilities in your network & apps.","component":"Headernavitem","_editable":""},{"url":{"id":"e357eb6c-b37f-42c2-8160-c55410d1c6fd","url":"","linktype":"story","fieldtype":"multilink","cached_url":"vulnerability-prioritization"},"_uid":"7e2e4250-652c-47cd-8118-25c56396cfee","icon":{"id":21448658,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/140x140/5582316119/vulnerability-priortization.png","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Vulnerability Prioritization","subtitle":"Prioritize vulnerabilities for quicker remediation.","component":"Headernavitem","_editable":""},{"url":{"id":"1f0dc561-50ef-4fbe-b051-11e113988951","url":"","linktype":"story","fieldtype":"multilink","cached_url":"network-infrastructure-penetration-testing"},"_uid":"79250bf9-09ba-4dea-86bd-f576850a3057","icon":{"id":21241302,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/70x70/a9a76f74bf/nipt.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Network & Infrastructure Penetration Testing","subtitle":"Penetration experts simulate real-world attacks on your environment.","component":"Headernavitem","_editable":""},{"url":{"id":"44727d2d-19cd-4f69-a329-ccef5b64a5a7","url":"","linktype":"story","fieldtype":"multilink","cached_url":"meet-your-compliance-requirements"},"_uid":"d1abf960-90ab-4e4a-8147-89d998b16f3b","icon":{"id":21448637,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/140x140/9e6ffcf73a/meet.png","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Meet your Compliance Requirements","subtitle":"Manage compliance requirements and test your security controls.","component":"Headernavitem","_editable":""}],"component":"Navigation","_editable":""},{"_uid":"ce844fb3-7d75-43ca-b03d-fc2d36f03121","link":{"id":"c801d107-dc40-4bc1-99ba-243fe92ceee1","url":"","linktype":"story","fieldtype":"multilink","cached_url":"partners"},"name":"Partners","title":"Partners","Navitems":[],"component":"Navigation","_editable":""},{"_uid":"65cfc6ff-bb0b-4ff4-bd69-f3ab676e570f","name":"Resources","title":"All Resources","Navitems":[{"url":{"id":"db92bf62-b3aa-4767-8c4d-f8e6a6588af8","url":"","linktype":"story","fieldtype":"multilink","cached_url":"reports"},"_uid":"cce882f8-f607-4ed6-9f5d-7d967509161b","icon":{"id":21241293,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/70x70/e019aafb50/reports.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Reports","subtitle":"Your trusted source for comprehensive insights.","component":"Headernavitem","_editable":""},{"url":{"id":"71481572-d542-499b-ba96-cf7eb6530c95","url":"","linktype":"story","fieldtype":"multilink","cached_url":"press-releases"},"_uid":"726f54bb-f50b-4d15-a032-564bc3ece243","icon":{"id":21241296,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/70x70/31f000d7f1/mc.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Press Releases","subtitle":"Latest announcements from Securin.","component":"Headernavitem","_editable":""},{"url":{"id":"","url":"https://www.securin.io/articles","linktype":"url","fieldtype":"multilink","cached_url":"https://www.securin.io/articles"},"_uid":"a734e86d-446c-4740-9fd5-67cd33a6ddff","icon":{"id":21241300,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/70x70/4f16501ed6/articles.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Articles","subtitle":"Read about the latest news & updates in cybersecurity.","component":"Headernavitem","_editable":""},{"url":{"id":"58fb24b2-197b-40c9-b96c-917f20a5203c","url":"","linktype":"story","fieldtype":"multilink","cached_url":"media-coverage"},"_uid":"c5455cdc-c4aa-4a7c-a24e-5cb816ba10e3","icon":{"id":22191227,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/70x70/689424e016/media-coverage-icon.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Media Coverage","subtitle":"See Securin in the news.","component":"Headernavitem","_editable":""},{"url":{"id":"e9406dca-295b-4e76-8a13-3b057260fbf8","url":"","linktype":"story","fieldtype":"multilink","cached_url":"zero-days"},"_uid":"cd0d1ab4-7b63-433d-b14a-d20dd2029925","icon":{"id":22191228,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/70x70/16276d1e46/zero-days-icon.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Zero Days","subtitle":"Zero days discovered by Securin as a CNA.","component":"Headernavitem","_editable":""},{"url":{"id":"f8a9fdba-9a79-4683-b055-196f6972b35f","url":"","linktype":"story","fieldtype":"multilink","cached_url":"ai-research-and-development"},"_uid":"cf2db2da-1796-4a63-9172-45e2fa707f4e","icon":{"id":23128701,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/100x100/98f24a7a21/ai-icon.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"AI R&D","subtitle":"Transforming AI security","component":"Headernavitem","_editable":""},{"url":{"id":"294fda8c-1175-4451-a050-4bd6a905b4d5","url":"","linktype":"story","fieldtype":"multilink","cached_url":"glossary"},"_uid":"9ff4140b-e81b-4e52-98c2-acd88945ac3f","icon":{"id":119355095319110,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/140x140/2b0bf16205/whatsapp-image-2025-12-03-at-5-47-53-pm.jpeg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Glossary","subtitle":"Your essential cybersecurity glossary.","component":"Headernavitem","_editable":""}],"component":"Navigation","_editable":""},{"_uid":"4c1f8557-0141-4730-8f9f-53d1afccd253","name":"About Us","title":"About Us","Navitems":[{"url":{"id":"d50c67b9-5e79-4b73-b17e-64b2b62cd1c8","url":"","linktype":"story","fieldtype":"multilink","cached_url":"overview"},"_uid":"ab8f54f9-4c47-47bd-8b3e-968740897e02","icon":{"id":21448402,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/105x105/9c403d1155/who-we-are.png","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Who We Are","subtitle":"Get to know us better!","component":"Headernavitem","_editable":""},{"url":{"id":"","url":"https://careers.securin.io/jobs/Careers","target":"_blank","linktype":"url","fieldtype":"multilink","cached_url":"https://careers.securin.io/jobs/Careers"},"_uid":"eaec0e73-d5ad-4a34-b535-54c2f6f45d70","icon":{"id":21448419,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/105x105/37c7256d56/career.png","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Careers","subtitle":"Come work with us.","component":"Headernavitem","_editable":""},{"url":{"id":"2de96d0f-a87b-4413-844a-afdc684462ee","url":"","linktype":"story","fieldtype":"multilink","cached_url":"patents"},"_uid":"99148571-68ba-4af3-a2b5-28df368679c5","icon":{"id":22748194,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/312x385/be4d582b51/securin-patent-1.png","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Patents","subtitle":"Our innovative cybersecurity patents .","component":"Headernavitem","_editable":""},{"url":{"id":"459c627c-58d2-4d3b-9041-a2c79e1452c9","url":"","linktype":"story","fieldtype":"multilink","cached_url":"contact-us"},"_uid":"60f08250-27e1-4de0-b251-a4e241d593fa","icon":{"id":21448457,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/105x105/1cdadd4651/let-s-chat.png","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"title":"Let's Chat","subtitle":"Connect with our experts.","component":"Headernavitem","_editable":""}],"component":"Navigation","_editable":""}],"_uid":"2cf86c8f-c4a6-4a06-b37e-514864bee646","component":"GlobalNav","_editable":""}],"component":"Global","_editable":""},"slug":"navigation","full_slug":"global/navigation","sort_by_date":null,"position":-10,"tag_list":[],"is_startpage":false,"parent_id":122408867598516,"meta_data":null,"group_id":"7eece501-7a27-4c71-8033-d7a2ec2f9b6e","first_published_at":"2025-03-05T13:02:52.985Z","release_id":null,"lang":"default","path":null,"alternates":[],"default_full_slug":null,"translated_slugs":null,"_stopResolving":true}],"_editable":""},{"_uid":"806a061f-8c6a-4e76-a304-af973b8af6b0","lead":"CVE-2020-14445 ","image":{"id":22105304,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/382x407/4c49b237d1/zerodaysmedium.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"heading":"Securin Zero-Days","component":"Zero Days Hero","subheading":"Stored Cross-Site Scripting in WSO2 Product","published_date":"2020-02-10 18:51","publisher_icon":{"id":22221519,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/1200x1200/8a517267be/wso2.png","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"_editable":""},{"_uid":"0d770317-59d6-43e5-8788-ba78d171568e","component":"Zero Days Table","TableColumn":[{"_uid":"a25557b9-165d-4112-bf09-32ed0f8d1e42","lead":"WSO2","text":{"type":"doc","content":[{"type":"paragraph"}]},"button":[],"headline":"Vendor","alignment":"center","component":"text-section","background_color":"white","overlap_preceding_hero":false,"single_color_background":false,"_editable":""},{"_uid":"50ee0394-b48c-47d5-9b41-228354a9849b","lead":"See Full List Below*","text":{"type":"doc","content":[{"type":"paragraph"}]},"button":[],"headline":"Affected Product","alignment":"center","component":"text-section","background_color":"white","overlap_preceding_hero":false,"single_color_background":false,"_editable":""},{"_uid":"40105dfa-9801-4fc4-ae18-82c9bf7fa40f","lead":"CVE-2020-14445","text":{"type":"doc","content":[{"type":"paragraph"}]},"button":[],"headline":"CVE","alignment":"center","component":"text-section","background_color":"white","overlap_preceding_hero":false,"single_color_background":false,"_editable":""},{"_uid":"ee77fdf5-489a-448e-8a8e-db9609e84050","lead":"2020-CSW-05-1043","text":{"type":"doc","content":[{"type":"paragraph"}]},"button":[],"headline":"Securin ID","alignment":"center","component":"text-section","background_color":"white","overlap_preceding_hero":false,"single_color_background":false,"_editable":""},{"_uid":"f6141e15-7269-43d7-9243-7a27ed9b1ecd","lead":"Fixed","text":{"type":"doc","content":[{"type":"paragraph"}]},"button":[],"headline":"Status","alignment":"center","component":"text-section","background_color":"white","overlap_preceding_hero":false,"single_color_background":false,"_editable":""},{"_uid":"af1bb479-00e0-48ac-a88a-94f10ab9bb9d","lead":"Feb 10, 2020","text":{"type":"doc","content":[{"type":"paragraph"}]},"button":[],"headline":"Date","alignment":"center","component":"text-section","background_color":"white","overlap_preceding_hero":false,"single_color_background":false,"_editable":""}],"_editable":""},{"_uid":"36698a31-a1f6-4d14-98e2-35dc4102085d","content":{"type":"doc","content":[{"type":"heading","attrs":{"level":3},"content":[{"text":"Description","type":"text","marks":[{"type":"bold"}]}]},{"type":"paragraph","content":[{"text":"A cross-site scripting (XSS) attack can cause arbitrary code (JavaScript) to run in a user’s browser while the browser is connected to a trusted web site. The application targets your users and not the application itself, but it uses your application as the vehicle for the attack. XSS payload is executed when the user loads a page created in WSO2 Identity Server version 5.9.0 Product.","type":"text"}]},{"type":"paragraph","content":[{"text":"*Affected Products: ","type":"text","marks":[{"type":"bold"}]},{"text":"WSO2 IS as Key Manager 5.9.0 or earlier, WSO2 Identity Server 5.9.0 or earlier","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Proof of Concept (POC):","type":"text","marks":[{"type":"bold"}]}]},{"type":"paragraph","content":[{"text":"The following vulnerability was tested on WSO2 Identity Server version 5.9.0 Product.","type":"text"}]},{"type":"paragraph","content":[{"text":"Issue 1: Stored cross-site scripting.","type":"text"}]},{"type":"paragraph","content":[{"type":"image","attrs":{"id":22378027,"alt":"","src":"https://a.storyblok.com/f/313778/940x452/2fb6b724e9/figure-1-navigating-to-the-policy-administration-and-clicking-the-add-new-entitlement-policy-link.png","title":"","source":"","copyright":"","meta_data":{}}}]},{"type":"paragraph","content":[{"text":"Figure 1: Navigating to the Policy Administration and Clicking the Add New Entitlement Policy Link.","type":"text","marks":[{"type":"bold"},{"type":"italic"}]}]},{"type":"paragraph","content":[{"text":" ","type":"text"},{"type":"image","attrs":{"id":22378031,"alt":"","src":"https://a.storyblok.com/f/313778/940x420/fe28608ae8/figure-2-clicking-on-basic-policy-editor-will-redirect-to-the-url.png","title":"","source":"","copyright":"","meta_data":{}}}]},{"type":"paragraph","content":[{"text":"Figure 2: Clicking on Basic Policy Editor will redirect to the URL.","type":"text","marks":[{"type":"bold"},{"type":"italic"}]}]},{"type":"paragraph","content":[{"type":"image","attrs":{"id":22378028,"alt":"","src":"https://a.storyblok.com/f/313778/940x490/3453ad7fe3/figure-3-fill-the-necessary-details-and-move-to-the-define-entitlement-rules-section.png","title":"","source":"","copyright":"","meta_data":{}}}]},{"type":"paragraph","content":[{"text":"Figure 3: Fill the necessary details and Move to the Define Entitlement Rules section.","type":"text","marks":[{"type":"bold"},{"type":"italic"}]}]},{"type":"paragraph","content":[{"type":"image","attrs":{"id":22378032,"alt":"","src":"https://a.storyblok.com/f/313778/940x459/53d7b72d87/figure-4-intercepting-the-request-and-ruleid-variable-is-added-with-xss-payload.png","title":"","source":"","copyright":"","meta_data":{}}}]},{"type":"paragraph","content":[{"text":"Figure 4: Intercepting the request, and ‘RuleID’ variable is added with XSS Payload.","type":"text","marks":[{"type":"bold"},{"type":"italic"}]}]},{"type":"paragraph","content":[{"type":"image","attrs":{"id":22378030,"alt":"","src":"https://a.storyblok.com/f/313778/940x490/690d858deb/figure-5-inserted-payload-gets-stored-and-executed-whenever-the-user-visits-the-page.png","title":"","source":"","copyright":"","meta_data":{}}}]},{"type":"paragraph","content":[{"text":"Figure 5: Inserted payload gets stored and executed whenever the user visits the page.","type":"text","marks":[{"type":"bold"},{"type":"italic"},{"type":"textStyle","attrs":{"color":""}}]}]},{"type":"paragraph","content":[{"type":"image","attrs":{"id":22378029,"alt":"","src":"https://a.storyblok.com/f/313778/940x429/f350f5f428/figure-6-stored-xss-payload-in-the-source-code.png","title":"","source":"","copyright":"","meta_data":{}}}]},{"type":"paragraph","content":[{"text":"Figure 6: Stored XSS payload in the source code.","type":"text","marks":[{"type":"bold"},{"type":"italic"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Impact","type":"text","marks":[{"type":"bold"}]}]},{"type":"paragraph","content":[{"text":"By leveraging an XSS attack, an attacker can make the browser get redirected to a malicious website, make changes in the UI of the web page, retrieve information from the browser or harm otherwise. However, since all the session related sensitive cookies are set with httpOnly flag and protected, session hijacking or similar attacks would not be possible.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Remediations","type":"text","marks":[{"type":"bold"}]}]},{"type":"paragraph","content":[{"text":"Apply the relevant fixes based on the changes from the public fix using the following link:","type":"text"}]},{"type":"paragraph","content":[{"text":"https://github.com/wso2/carbon-identity-framework/pull/2794","type":"text","marks":[{"type":"link","attrs":{"href":"https://github.com/wso2/carbon-identity-framework/pull/2794","uuid":null,"anchor":null,"target":null,"linktype":"url"}},{"type":"textStyle","attrs":{"color":"#1155CC"}}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Timeline","type":"text","marks":[{"type":"bold"}]}]},{"type":"paragraph"}]},"component":"Zero Days Content","_editable":""},{"_uid":"d23431e6-b0c4-4b31-b8ef-7fc30f713473","component":"Timeline Content","TimelineItems":[{"_uid":"a880c229-3198-4aa2-ab58-4233b09bfa7c","lead":"Discovered in WSO2 Identity Server Manager version 5.9.0.","text":{"type":"doc","content":[{"type":"paragraph"}]},"button":[],"headline":"Jan 31, 2020","alignment":"center","component":"text-section","background_color":"white","overlap_preceding_hero":false,"single_color_background":false,"_editable":""},{"_uid":"e96e3743-d5ac-44dc-9875-d87aaa6fd007","lead":"CSW Internal Review.","text":{"type":"doc","content":[{"type":"paragraph"}]},"button":[],"headline":"Feb 04, 2020","alignment":"center","component":"text-section","background_color":"white","overlap_preceding_hero":false,"single_color_background":false,"_editable":""},{"_uid":"88f4261a-bbfc-4d1c-b625-0184fe61c4cf","lead":"Reported to the WSO2 security team.","text":{"type":"doc","content":[{"type":"paragraph"}]},"button":[],"headline":"Feb 10, 2020","alignment":"center","component":"text-section","background_color":"white","overlap_preceding_hero":false,"single_color_background":false,"_editable":""},{"_uid":"0ab38f57-0093-4377-94d4-99c05a006daa","lead":"Published to the public.","text":{"type":"doc","content":[{"type":"paragraph"}]},"button":[],"headline":"May 13, 2020","alignment":"center","component":"text-section","background_color":"white","overlap_preceding_hero":false,"single_color_background":false,"_editable":""}],"_editable":""},{"_uid":"7f1fa798-d559-4e8d-acba-4b5158cf64f2","icon":{"id":22108202,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/54x69/75ce3828b1/zerodaysfc.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"text":"Let Securin level up your security posture!","component":"Zero Days Footer CTA","buttonLink":{"id":"459c627c-58d2-4d3b-9041-a2c79e1452c9","url":"","linktype":"story","fieldtype":"multilink","cached_url":"contact-us"},"buttonText":"Start Now","_editable":""},{"_uid":"c80c46e2-704d-4662-b20a-4f2afeaf2950","component":"global_reference","reference":[{"name":"Footer","created_at":"2025-12-12T21:23:00.099Z","published_at":"2025-09-25T08:28:11.663Z","updated_at":"2025-12-12T21:23:00.099Z","id":122408878502260,"uuid":"dab2b928-0fc3-4089-80b3-767d414eae87","content":{"_uid":"78c16d78-9604-4304-8964-fb9c971cec17","global":[{"_uid":"c38a57d1-6019-4662-ac0d-4ff9dc3d2700","items":[{"_uid":"1321a724-b4f0-4637-b2d7-4d958f76bcb7","text":"Securin helps leaders continuously improve their security posture. We work as an extension of your team to better protect your organization.","image":{"id":21111115,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/196x43/202124087b/securinlogo.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"component":"FooterColumn1","sociallinks":[{"url":{"id":"","url":"https://www.facebook.com/securininc/","linktype":"url","fieldtype":"multilink","cached_url":"https://www.facebook.com/securininc/"},"_uid":"483fbfd4-d5de-4cfc-930a-99ad920c9b51","image":{"id":21111123,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/64x64/31d436da9a/facebook.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"component":"socialitem","_editable":""},{"url":{"id":"","url":"https://www.linkedin.com/company/securin-inc","linktype":"url","fieldtype":"multilink","cached_url":"https://www.linkedin.com/company/securin-inc"},"_uid":"fd906267-1e23-41b9-8453-c00359787bc4","image":{"id":21111126,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/64x64/d1c9e6c6b2/linkedin.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"component":"socialitem","_editable":""},{"url":{"id":"","url":"https://x.com/securin_inc","linktype":"url","fieldtype":"multilink","cached_url":"https://x.com/securin_inc"},"_uid":"023d62af-458f-4af0-b057-c421664bc550","image":{"id":21111125,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/64x64/7fa2bcc6d1/x.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"component":"socialitem","_editable":""},{"url":{"id":"","url":"https://www.youtube.com/channel/UCUbeF1KnED2KR87b74moVng","linktype":"url","fieldtype":"multilink","cached_url":"https://www.youtube.com/channel/UCUbeF1KnED2KR87b74moVng"},"_uid":"27bc3da1-b1bf-452b-899b-f726e0573785","image":{"id":21111124,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/64x64/5bab65fc1e/yt.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"component":"socialitem","_editable":""},{"url":{"id":"","url":"https://www.instagram.com/securininc/","linktype":"url","fieldtype":"multilink","cached_url":"https://www.instagram.com/securininc/"},"_uid":"bca52616-0b28-48b1-9ff5-78da89049b91","image":{"id":21111122,"alt":"","name":"","focus":"","title":"","source":"","filename":"https://a.storyblok.com/f/313778/64x64/e2b9a06f92/instagram.svg","copyright":"","fieldtype":"asset","meta_data":{},"is_external_url":false},"component":"socialitem","_editable":""}],"_editable":""},{"_uid":"0550b47c-24a0-4335-a246-a44b5447a111","email":"info@securin.io","phone":"+1 844-391-2089","title":"Contact Us","address":"2440 Louisiana Blvd NE #560, Albuquerque, NM 87110","component":"FooterColumn2","_editable":""},{"_uid":"4261e9fd-90be-43ba-989c-b18bf214df1a","Title":"Solutions","component":"FooterGenericItem","FooterLinks":[{"url":{"id":"5ba4d0b3-4dad-41b8-bbc3-6b1183a20287","url":"","linktype":"story","fieldtype":"multilink","cached_url":"attack-surface-management"},"_uid":"4b5af435-681f-4ddf-a514-d42f5b500594","text":"Attack Surface Management","component":"FooterLink","_editable":""},{"url":{"id":"14293fda-cbfc-4292-889b-ac1fe826e69d","url":"","linktype":"story","fieldtype":"multilink","cached_url":"vulnerability-intelligence"},"_uid":"05012d2c-7e65-4796-abfe-cec840dcec79","text":"Vulnerability Intelligence","component":"FooterLink","_editable":""},{"url":{"id":"1fe67f71-dca0-4ae7-8086-45424812c7c2","url":"","linktype":"story","fieldtype":"multilink","cached_url":"vulnerability-management"},"_uid":"0c3f0709-675a-401a-b6aa-cdddae9f88de","text":"Vulnerability Management","component":"FooterLink","_editable":""},{"url":{"id":"9385496e-0e96-409c-a551-1be788461163","url":"","linktype":"story","fieldtype":"multilink","cached_url":"penetration-testing"},"_uid":"a11c509a-3975-4115-9b5b-17fad5298c18","text":"Penetration Testing","component":"FooterLink","_editable":""}],"_editable":""},{"_uid":"9bdee094-39b9-4230-8c02-a2bfb41f6f2e","Title":"Resources","component":"FooterGenericItem","FooterLinks":[{"url":{"id":"","url":"https://www.securin.io/articles","linktype":"url","fieldtype":"multilink","cached_url":"https://www.securin.io/articles"},"_uid":"3d29a8a0-0be1-4d0e-891e-6c1e17171484","text":"Articles","component":"FooterLink","_editable":""},{"url":{"id":"db92bf62-b3aa-4767-8c4d-f8e6a6588af8","url":"","linktype":"story","fieldtype":"multilink","cached_url":"reports"},"_uid":"0e1baf58-1d99-4a31-b715-20c0014c0c7f","text":"Reports","component":"FooterLink","_editable":""},{"url":{"id":"71481572-d542-499b-ba96-cf7eb6530c95","url":"","linktype":"story","fieldtype":"multilink","cached_url":"press-releases"},"_uid":"c7cc1a4b-a94e-4152-89f8-9de0b70693b8","text":"Press Releases","component":"FooterLink","_editable":""},{"url":{"id":"58fb24b2-197b-40c9-b96c-917f20a5203c","url":"","linktype":"story","fieldtype":"multilink","cached_url":"media-coverage"},"_uid":"05496d03-da7f-4506-96b9-5cecdb65a5ad","text":"Media Coverage","component":"FooterLink","_editable":""},{"url":{"id":"e9406dca-295b-4e76-8a13-3b057260fbf8","url":"","linktype":"story","fieldtype":"multilink","cached_url":"zero-days"},"_uid":"ecbd6fa6-92c0-4bc0-842a-93703b0447a4","text":"Zero Days","component":"FooterLink","_editable":""},{"url":{"id":"f8a9fdba-9a79-4683-b055-196f6972b35f","url":"","linktype":"story","fieldtype":"multilink","cached_url":"ai-research-and-development"},"_uid":"bfa230aa-d0e3-461b-b426-e6630fdc0c69","text":"AI R&D","component":"FooterLink","_editable":""}],"_editable":""},{"_uid":"fee5eb9a-d971-4764-b21c-bc91df2b059c","Title":"Company","component":"FooterGenericItem","FooterLinks":[{"url":{"id":"d50c67b9-5e79-4b73-b17e-64b2b62cd1c8","url":"","linktype":"story","fieldtype":"multilink","cached_url":"overview"},"_uid":"4d9f8089-31c1-4a0b-884c-f3f95e198df7","text":"Who We Are","component":"FooterLink","_editable":""},{"url":{"id":"b50e02db-acf6-421f-9818-eeb29d991537","url":"","linktype":"story","fieldtype":"multilink","cached_url":"careers"},"_uid":"77b87ac9-8c7a-448a-96ee-4a92183f9792","text":"Careers","component":"FooterLink","_editable":""}],"_editable":""},{"_uid":"e387cd83-c5ac-49d4-92ce-e9e9bcce9e7e","links":[{"url":{"id":"7fc51f60-331b-42d5-bb41-4b190aca7e66","url":"","linktype":"story","fieldtype":"multilink","cached_url":"privacy-policy"},"_uid":"b6e10f1b-9d8b-419c-9ce2-e5a621144105","text":"Privacy Policy","component":"FooterLink","_editable":""},{"url":{"id":"b30581f8-32a0-467a-a935-eda15bf6d9e9","url":"","linktype":"story","fieldtype":"multilink","cached_url":"customer-agreements"},"_uid":"3346f5e4-a947-44e0-9ed7-c4ff38a42e30","text":"Customer Agreements","component":"FooterLink","_editable":""},{"url":{"id":"","url":"","linktype":"story","fieldtype":"multilink","cached_url":""},"_uid":"718dc509-b52a-4050-a565-2ed72524f0ff","text":"Sitemap","component":"FooterLink","_editable":""}],"component":"FooterBottom","copyright":"© Copyright 2025 Securin. All Rights Reserved.","_editable":""}],"component":"GlobalFooter","FooterBottom":[{"_uid":"c31edcc5-d2cb-4d2c-b4d6-c91225c9cee8","links":[{"url":{"id":"7fc51f60-331b-42d5-bb41-4b190aca7e66","url":"","linktype":"story","fieldtype":"multilink","cached_url":"privacy-policy"},"_uid":"aa9fd59a-54a5-4be0-881e-566b063eea06","text":"Privacy Policy","component":"FooterLink","_editable":""},{"url":{"id":"b30581f8-32a0-467a-a935-eda15bf6d9e9","url":"","linktype":"story","fieldtype":"multilink","cached_url":"customer-agreements"},"_uid":"b1904ce9-2542-4525-8c04-9c3576c62afa","text":"Customer Agreements","component":"FooterLink","_editable":""}],"component":"FooterBottom","copyright":"© Copyright 2025 Securin. All Rights Reserved.","_editable":""}],"_editable":""}],"component":"Global","_editable":""},"slug":"footer","full_slug":"global/footer","sort_by_date":null,"position":0,"tag_list":[],"is_startpage":false,"parent_id":122408867598516,"meta_data":null,"group_id":"f7518288-834a-4090-94b8-8ef3b2143a8c","first_published_at":"2025-02-26T08:19:02.299Z","release_id":null,"lang":"default","path":null,"alternates":[],"default_full_slug":null,"translated_slugs":null,"_stopResolving":true}],"_editable":""}],"component":"page","datasheet":{"id":"","url":"","linktype":"story","fieldtype":"multilink","cached_url":""},"metafields":{"_uid":"b0337aeb-a0cb-4d33-a404-50b260abfbed","title":"CVE-2020-14445: Reflected XSS in WSO2 Identity Server","plugin":"seo_metatags","og_image":"","og_title":"CVE-2020-14445: Reflected XSS in WSO2 Identity Server","description":"Securin reports CVE-2020-14445—a reflected XSS flaw in WSO2 Identity Server through 5.9.0's Basic Policy Editor UI. Learn about risks and mitigation steps.","twitter_image":"","twitter_title":"CVE-2020-14445: Reflected XSS in WSO2 Identity Server","og_description":"Securin reports CVE-2020-14445—a reflected XSS flaw in WSO2 Identity Server through 5.9.0's Basic Policy Editor UI. Learn about risks and mitigation steps.","twitter_description":"Securin reports CVE-2020-14445—a reflected XSS flaw in WSO2 Identity Server through 5.9.0's Basic Policy Editor UI. Learn about risks and mitigation steps."},"_editable":""}}]}]