CVE-2020-17453

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-17453

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-17453.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-17453

Published

2021-04-05T22:15:12.633Z

Modified

2026-04-10T04:25:38.700922Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter.

References

Affected packages

Git / github.com/wso2-attic/analytics-is

Affected ranges

Type

GIT

Repo

https://github.com/wso2-attic/analytics-is

Events

Introduced

Last affected

20468e646534067f106695ea989956a853b4c396

Introduced

Last affected

9347958cacabfbeb09bb743abd2f92b2e56731ec

Introduced

Last affected

bb7e011d81a237aa5e74265c33466ae254f7fdb6

Introduced

Last affected

bd89e4586d7e8c240c93b03b9acb3a1e93078781

Introduced

Last affected

bb7e011d81a237aa5e74265c33466ae254f7fdb6

Introduced

Last affected

bd89e4586d7e8c240c93b03b9acb3a1e93078781

Introduced

Last affected

42f3111ec596b0d8e8ac32cf33bc4261f53a95bb

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.4.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.4.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.5.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.5.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.7.0"
        }
    ]
}

Type

GIT

Repo

https://github.com/wso2/product-apim

Events

Introduced

Last affected

e4956e9301b1c26eb06e80ec5c86628154b6ab55

Introduced

Last affected

5cdc3f8a5ea212c3bf231cb710ea3436e9aad1d7

Introduced

Last affected

828807c24e02a88a91a70e6f9dbc6eeb58be3eaf

Introduced

Last affected

a87463944acbc28f14c0af2a32dc30310147a0be

Introduced

Last affected

5cdc3f8a5ea212c3bf231cb710ea3436e9aad1d7

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.2.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.2.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.5.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.6.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.2.0"
        }
    ]
}

Type

GIT

Repo

https://github.com/wso2/product-micro-integrator

Events

Introduced

Last affected

135aca18ba1b870b32660d89028b53c05bc12821

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.0"
        }
    ]
}

Affected versions

test-tag-1.*

test-tag-1.9.0-Alpha

v1.*

v1.0.0

v1.0.0-m2

v1.0.0-m3

v1.0.0-m4

v1.0.0-m5

v1.0.0-m6

v1.0.0-m7

v1.0.0-rc1

v1.9.0

v1.9.0-Alpha

v1.9.0-Beta

v1.9.0-Beta-2

v1.9.0-Beta-3

v1.9.0-M2

v2.*

v2.0.0-ALPHA

v2.0.0-M4

v2.1.0-alpha

v2.1.0-update1

v2.1.0-update10

v2.1.0-update11

v2.1.0-update12

v2.1.0-update13

v2.1.0-update14

v2.1.0-update2

v2.1.0-update3

v2.1.0-update5

v2.1.0-update7

v2.1.0-update8

v2.1.0-update9

v2.2.0

v2.2.0-update1

v2.2.0-update2

v2.2.0-update3

v2.2.0-update4

v2.2.0-update5

v2.2.0-update6

v2.2.0-update7

v2.5.0

v2.5.0-Alpha

v2.5.0-Beta

v2.5.0-rc1

v2.5.0-rc2

v2.5.0-rc3

v2.5.0-rc4

v2.6.0

v2.6.0-alpha

v2.6.0-alpha2

v2.6.0-beta

v2.6.0-beta2

v2.6.0-m1

v2.6.0-m2

v2.6.0-rc1

v2.6.0-rc2

v2.6.0-rc3

v3.*

v3.0.0

v3.0.0-alpha

v3.0.0-alpha2

v3.0.0-beta

v3.0.0-m32

v3.0.0-m33

v3.0.0-m34

v3.0.0-m35

v3.0.0-rc1

v3.0.0-rc2

v3.0.0-rc3

v3.1.0

v3.1.0-alpha

v3.1.0-beta

v3.1.0-m1

v3.1.0-m2

v3.1.0-m3

v3.1.0-m4

v3.1.0-m5

v3.1.0-rc1

v3.1.0-rc2

v3.1.0-rc3

v3.2.0

v3.2.0-alpha

v3.2.0-beta

v3.2.0-m1

v3.2.0-rc1

v3.2.0-rc2

v3.2.0-rc3

v3.2.0-rc4

v3.2.0-rc5

v3.2.0-rc6

v5.*

v5.2.0-beta2

v5.2.0-latest

v5.3.0-alpha2

v5.4.0

v5.4.0-beta

v5.4.0-update1

v5.4.0-update4

v5.4.1

v5.5.0

v5.5.0-alpha

v5.5.0-alpha2

v5.5.0-alpha3

v5.5.0-beta

v5.5.0-rc1

v5.5.0-rc2

v5.6.0

v5.6.0-rc1

v5.6.0-rc2

v5.6.0-rc3

v5.7.0

v5.7.0-alpha

v5.7.0-alpha2

v5.7.0-alpha3

v5.7.0-beta

v5.7.0-beta2

v5.7.0-beta3

v5.7.0-beta4

v5.7.0-beta5

v5.7.0-m3

v5.7.0-m4

v5.7.0-m5

v5.7.0-rc1

v5.7.0-rc2

v5.7.0-rc3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-17453.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.6.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.10.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.9.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.10.0"
            }
        ]
    }
]