Wso2 Api_control_plane
2 CVEs affecting Wso2 Api_control_plane. Latest disclosed: 2026-05-11. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-8325 | Medium | 6.3 | 2026-05-11 | The software fails to enforce role-based access controls for certain Gateway API invocations. Users with the 'Internal/Everyone' role can invoke these APIs, by… |
CVE-2025-8154 | Medium | 5.3 | 2026-05-11 | In Webhook API invocations, the component accepts user-supplied input for HTTP request headers without sufficient validation or sanitization, allowing these he… |