CVE-2025-6024 | WSO2 API Manager/Identity Server Authentication Endpoint cross site scripting

Inserito da Angelo Barbosa | Apr 16, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in WSO2 API Manager and Identity Server. This issue affects some unknown processing of the component Authentication Endpoint. The manipulation leads to cross site scripting.

This vulnerability is documented as CVE-2025-6024. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2025-6024 | WSO2 API Manager/Identity Server Authentication Endpoint cross site scripting

Post correlati

CVE-2024-34344 | Nuxt up to 3.12.3 NuxtTestComponentWrapper path cross site scripting (GHSA-v784-fjjh-f8r4)

CVE-2024-7290 | SourceCodester Establishment Billing Management System 1.0 /manage_tenant.php id sql injection

CVE-2023-45252 | Huddly HuddlyCameraService prior 8.0.7 Installation uncontrolled search path

CVE-2023-47558 | Mahlamusa Who Hit The Page Plugin up to 1.4.14.3 on WordPress sql injection