CVE-2025-8154 | WSO2 API Manager Webhook API injection

Inserito da Angelo Barbosa | Mag 11, 2026 | CVE

A vulnerability classified as critical was found in WSO2 API Manager, Universal Gateway, Traffic Manager, API Control Plane, Carbon API Gateway and Carbon API Management Implementation. The impacted element is an unknown function of the component Webhook API. Such manipulation leads to injection.

This vulnerability is referenced as CVE-2025-8154. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.

CVE-2025-8154 | WSO2 API Manager Webhook API injection

Post correlati

CVE-2024-45785 | NEUMANNLTD MUSASI 3 client-side authentication

CVE-2024-26132 | Element up to 1.6.11 on Android information disclosure (GHSA-8wj9-cx7h-pvm4)

CVE-2024-43709 | Elastic Search up to 7.17.20/8.13.2 allocation of resources

CVE-2023-46701 | Mattermost up to 8.1.5/9.0.3/9.1.2/9.2.1 Playbooks Plugin add-to-timeline-dialog information disclosure