Description
The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML Entity Expansion attacks.
Remediation
References
https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0742
Related Vulnerabilities
CVE-2016-8629 Vulnerability in maven package org.keycloak:keycloak-model-infinispan
CVE-2021-32732 Vulnerability in maven package org.xwiki.platform:xwiki-platform-administration-ui
CVE-2023-2632 Vulnerability in maven package org.jenkins-ci.plugins:codedx
CVE-2023-38503 Vulnerability in npm package directus
CVE-2020-2239 Vulnerability in maven package org.jenkins-ci.plugins:parameterized-remote-trigger