Vulnerabilites related to wso2 - business_rules_server
Vulnerability from fkie_nvd
Published
2017-09-21 18:29
Modified
2024-11-21 03:13
Severity ?
Summary
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html | Exploit, Third Party Advisory | |
| cve@mitre.org | https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0265 | Patch, Vendor Advisory | |
| cve@mitre.org | https://github.com/cybersecurityworks/Disclosed/issues/15 | Exploit, Technical Description, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0265 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/cybersecurityworks/Disclosed/issues/15 | Exploit, Technical Description, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wso2 | api_manager | 2.1.0 | |
| wso2 | app_manager | 1.2.0 | |
| wso2 | application_server | 5.3.0 | |
| wso2 | business_process_server | 3.6.0 | |
| wso2 | business_rules_server | 2.2.0 | |
| wso2 | complex_event_processor | 4.2.0 | |
| wso2 | dashboard_server | 2.0.0 | |
| wso2 | data_analytics_server | 3.1.0 | |
| wso2 | data_services_server | 3.5.1 | |
| wso2 | enterprise_integrator | 6.1.1 | |
| wso2 | enterprise_mobility_manager | 2.2.0 | |
| wso2 | governance_registry | 5.4.0 | |
| wso2 | identity_server | 5.3.0 | |
| wso2 | iot_server | 3.0.0 | |
| wso2 | machine_learner | 1.2.0 | |
| wso2 | message_broker | 3.2.0 | |
| wso2 | storage_server | 1.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:api_manager:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245D4EB1-F69D-4FAF-94DB-F4B3D3C20539",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:app_manager:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD697F16-E1A2-4320-A76E-794B05D3620B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:application_server:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8891BAB1-C357-4BC7-8B7A-541B9698F0A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:business_process_server:3.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F3AA02-B597-4C9F-936A-A4DC91F590B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:business_rules_server:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5435A911-096A-4DEE-9E04-1D3CBF4D98D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:complex_event_processor:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "397D6C9B-62A5-42FC-AB3B-C03598C25A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:dashboard_server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5FB891-085E-4777-B771-1CDC367B8848",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:data_analytics_server:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "941D83A5-1978-49AE-890D-E31980E2D6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:data_services_server:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC72298-39AC-450F-8419-951057332163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:enterprise_integrator:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA3B48BB-ECB5-4A94-B76D-97BC3D303E9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:enterprise_mobility_manager:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D6FCEF-7685-42DD-B322-AD87B5F37574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:governance_registry:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B815FD-E12D-46CE-94B3-06ED2C75285D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:identity_server:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0375C318-ECD2-4657-A0D7-4A0708266FBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:iot_server:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00E81462-A034-4540-A086-7D836C6B17E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:machine_learner:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE333EE1-8158-40AF-8367-ACDCAA498516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:message_broker:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E3ADAB-067C-4D18-BDCA-43DDC607E4BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:storage_server:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E0036440-3C00-4776-8DF6-AC30256EADBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter."
},
{
"lang": "es",
"value": "WSO2 Data Analytics Server 3.1.0 tiene una vulnerabilidad de tipo Cross-Site Scripting (XSS) en carbon/resources/add_collection_ajaxprocessor.jsp mediante los par\u00e1metros collectionName o parentPath."
}
],
"id": "CVE-2017-14651",
"lastModified": "2024-11-21T03:13:17.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-21T18:29:00.167",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0265"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://github.com/cybersecurityworks/Disclosed/issues/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://github.com/cybersecurityworks/Disclosed/issues/15"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-04 01:29
Modified
2024-11-21 03:13
Severity ?
Summary
The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Data Analytics Server 3.1.0, WSO2 Data Services Server 3.5.1, and WSO2 Machine Learner 1.2.0 is affected by stored XSS.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0257 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0257 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wso2 | application_server | 5.3.0 | |
| wso2 | business_process_server | 3.6.0 | |
| wso2 | business_rules_server | 2.2.0 | |
| wso2 | complex_event_processor | 4.2.0 | |
| wso2 | dashboard_server | 2.0.0 | |
| wso2 | data_analytics_server | 3.1.0 | |
| wso2 | data_services_server | 3.5.1 | |
| wso2 | machine_learner | 1.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wso2:application_server:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8891BAB1-C357-4BC7-8B7A-541B9698F0A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:business_process_server:3.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F3AA02-B597-4C9F-936A-A4DC91F590B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:business_rules_server:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5435A911-096A-4DEE-9E04-1D3CBF4D98D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:complex_event_processor:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "397D6C9B-62A5-42FC-AB3B-C03598C25A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:dashboard_server:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5FB891-085E-4777-B771-1CDC367B8848",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:data_analytics_server:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "941D83A5-1978-49AE-890D-E31980E2D6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:data_services_server:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DEC72298-39AC-450F-8419-951057332163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wso2:machine_learner:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE333EE1-8158-40AF-8367-ACDCAA498516",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Data Analytics Server 3.1.0, WSO2 Data Services Server 3.5.1, and WSO2 Machine Learner 1.2.0 is affected by stored XSS."
},
{
"lang": "es",
"value": "La consola de administraci\u00f3n en WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Data Analytics Server 3.1.0, WSO2 Data Services Server 3.5.1 y WSO2 Machine Learner 1.2.0 se ha visto afectada por un Cross-Site Scripting (XSS) persistente."
}
],
"id": "CVE-2017-14995",
"lastModified": "2024-11-21T03:13:55.207",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-04T01:29:03.277",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0257"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2017-14651
Vulnerability from cvelistv5
Published
2017-09-21 18:00
Modified
2024-08-05 19:34
Severity ?
EPSS score ?
Summary
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/cybersecurityworks/Disclosed/issues/15 | x_refsource_MISC | |
| https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0265 | x_refsource_MISC | |
| https://cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:34:39.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cybersecurityworks/Disclosed/issues/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0265"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-09-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-29T20:58:38",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cybersecurityworks/Disclosed/issues/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0265"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14651",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cybersecurityworks/Disclosed/issues/15",
"refsource": "MISC",
"url": "https://github.com/cybersecurityworks/Disclosed/issues/15"
},
{
"name": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0265",
"refsource": "MISC",
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0265"
},
{
"name": "https://cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html",
"refsource": "MISC",
"url": "https://cybersecurityworks.com/zerodays/cve-2017-14651-wso2.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14651",
"datePublished": "2017-09-21T18:00:00",
"dateReserved": "2017-09-21T00:00:00",
"dateUpdated": "2024-08-05T19:34:39.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-14995
Vulnerability from cvelistv5
Published
2017-10-03 07:00
Modified
2024-08-05 19:42
Severity ?
EPSS score ?
Summary
The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Data Analytics Server 3.1.0, WSO2 Data Services Server 3.5.1, and WSO2 Machine Learner 1.2.0 is affected by stored XSS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0257 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:42:22.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0257"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Data Analytics Server 3.1.0, WSO2 Data Services Server 3.5.1, and WSO2 Machine Learner 1.2.0 is affected by stored XSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-03T06:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0257"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Data Analytics Server 3.1.0, WSO2 Data Services Server 3.5.1, and WSO2 Machine Learner 1.2.0 is affected by stored XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0257",
"refsource": "CONFIRM",
"url": "https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2017-0257"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14995",
"datePublished": "2017-10-03T07:00:00",
"dateReserved": "2017-10-03T00:00:00",
"dateUpdated": "2024-08-05T19:42:22.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}