La Sostenibilità per TIM

Il Report 2024 accoglie i principi della Corporate Sustainability Reporting Directive (CSRD) ed è incluso nella Relazione Finanziaria e di Sostenibilità. Approfondisci

Facebook Twitter Linkedin Copia Link

tag

CVE-2022-39810

CVE-2022-39810 – WSO2 Enterprise Integrator

Vulnerability Description: Cross-Site Scripting - CWE-79

Software Version: 6.4.0

NIST: https://nvd.nist.gov/vuln/detail/CVE-2022-39810

CVSv3: 6.1

Severity: Medium

Credits: Tiziano Di Vincenzo, Massimiliano Brolli

An issue was discovered in WSO2 Enterprise Integrator 6.4.0. A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Management Console under /carbon/ndatasource/validateconnection/ajaxprocessor.jsp via the “driver” parameter. Session hijacking or similar attacks would not be possible.