Wso2 Data Analytics Server — known CVE vulnerabilities
Every CVE whose affected-product data names Wso2 Data Analytics Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2025-9804 — CVSS 9.6 (critical): An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal…
CVE-2020-24703 — CVSS 8.8 (high): An issue was discovered in certain WSO2 products. A valid Carbon Management Console session cookie may be sent to an attacker-controlled…
CVE-2020-24704 — CVSS 6.1 (medium): An issue was discovered in certain WSO2 products. The Try It tool allows Reflected XSS. This affects API Manager 2.2.0, API Manager…
CVE-2017-14995 — CVSS 6.1 (medium): The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex…
CVE-2023-6911 — CVSS 4.8 (medium): Multiple WSO2 products have been identified as vulnerable due to improper output encoding, a Stored Cross Site Scripting (XSS) attack can…
CVE-2017-14651 — CVSS 4.8 (medium): WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath…
CVE-2022-29548 — CVSS 4.6 (medium): A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0…