Lucene search
GoogleOSV:CVE-2023-6835HistoryDec 15, 2023 - 10:15 a.m.
CVE-2023-6835
2023-12-1510:15:09
Google
osv.dev
4
wso2 products
vulnerability
forum feature
input validation
api rating manipulation
software
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
5.4
Confidence
High
EPSS
0.001
Percentile
17.0%
Multiple WSO2 products have been identified as vulnerable due to lack of server-side input validation in the ForumΒ feature, API rating could be manipulated.
Related
osv
osv
WSO2 API Manager allows attackers to change the API rating
2023-12-15 12:30:25
nvd
nvd
CVE-2023-6835
2023-12-15 10:15:09
prion
prion
Input validation
2023-12-15 10:15:00
github
github
WSO2 API Manager allows attackers to change the API rating
2023-12-15 12:30:25
cvelist
cvelist
CVE-2023-6835
2023-12-15 09:16:27
cve
cve
CVE-2023-6835
2023-12-15 10:15:09
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
5.4
Confidence
High
EPSS
0.001
Percentile
17.0%
Related for OSV:CVE-2023-6835