CVE-2017-14995

The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Data Analytics Server 3.1.0, WSO2 Data Services Server 3.5.1, and WSO2 Machine Learner 1.2.0 is affected by stored XSS.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:wso2:application_server:5.3.0:*:*:*:*:*:*:*
cpe:2.3:a:wso2:business_process_server:3.6.0:*:*:*:*:*:*:*
cpe:2.3:a:wso2:business_rules_server:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:wso2:complex_event_processor:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:wso2:dashboard_server:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:wso2:data_analytics_server:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:wso2:data_services_server:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:wso2:machine_learner:1.2.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-10-04 01:29

Updated : 2024-02-28 16:04


NVD link : CVE-2017-14995

Mitre link : CVE-2017-14995

CVE.ORG link : CVE-2017-14995


JSON object : View

Products Affected

wso2

  • data_analytics_server
  • complex_event_processor
  • dashboard_server
  • business_rules_server
  • data_services_server
  • application_server
  • machine_learner
  • business_process_server
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')