CVE-2018-20736

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-20736

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20736.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-20736

Published

2019-03-21T16:00:37.767Z

Modified

2026-04-10T04:10:04.894881Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. A DOM-based XSS exists in the store part of the product.

References

Affected packages

Git / github.com/wso2/product-apim

Affected ranges

Type

GIT

Repo

https://github.com/wso2/product-apim

Events

Introduced

Last affected

a87463944acbc28f14c0af2a32dc30310147a0be

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.6.0"
        }
    ]
}

Affected versions

test-tag-1.*

test-tag-1.9.0-Alpha

v1.*

v1.9.0

v1.9.0-Alpha

v1.9.0-Beta

v1.9.0-Beta-2

v1.9.0-Beta-3

v1.9.0-M2

v2.*

v2.0.0-ALPHA

v2.0.0-M4

v2.1.0-alpha

v2.1.0-update1

v2.1.0-update10

v2.1.0-update11

v2.1.0-update12

v2.1.0-update13

v2.1.0-update14

v2.1.0-update2

v2.1.0-update3

v2.1.0-update5

v2.1.0-update7

v2.1.0-update8

v2.1.0-update9

v2.2.0

v2.2.0-update1

v2.2.0-update2

v2.2.0-update3

v2.2.0-update4

v2.2.0-update5

v2.2.0-update6

v2.2.0-update7

v2.5.0

v2.5.0-Alpha

v2.5.0-Beta

v2.5.0-rc1

v2.5.0-rc2

v2.5.0-rc3

v2.5.0-rc4

v2.6.0

v2.6.0-alpha

v2.6.0-alpha2

v2.6.0-beta

v2.6.0-beta2

v2.6.0-m1

v2.6.0-m2

v2.6.0-rc1

v2.6.0-rc2

v2.6.0-rc3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20736.json"