Wso2 Org.wso2.carbon:org.wso2.carbon.base
3 CVEs affecting Wso2 Org.wso2.carbon:org.wso2.carbon.base. Latest disclosed: 2025-11-05. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-9804 | Critical | 9.6 | 2025-10-16 | An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services an… |
CVE-2025-10907 | High | 8.4 | 2025-11-05 | An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin servic… |
CVE-2025-9955 | Medium | 5.7 | 2025-10-16 | An improper access control vulnerability exists in WSO2 Enterprise Integrator product due to insufficient permission restrictions on internal SOAP admin servic… |