Wso2 Wso2 Micro Integrator
6 CVEs affecting Wso2 Wso2 Micro Integrator. Latest disclosed: 2025-11-05. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-2905 | Critical | 9.1 | 2025-05-05 | Due to the improper configuration of XML parser, user-supplied XML is parsed without applying sufficient restrictions, enabling XML External Entity (XXE) resol… |
CVE-2025-11093 | High | 8.4 | 2025-11-05 | An arbitrary code execution vulnerability exists in multiple WSO2 products due to insufficient restrictions in the GraalJS and NashornJS Script Mediator engine… |
CVE-2025-10907 | High | 8.4 | 2025-11-05 | An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin servic… |
CVE-2024-7074 | Medium | 6.8 | 2025-06-02 | An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user input in SOAP admin services. A malicious actor with… |
CVE-2024-4598 | Medium | 6.5 | 2025-09-23 | An information disclosure vulnerability exists in multiple WSO2 products due to improper implementation of the enrich mediator. Authenticated users may be able… |
CVE-2023-6836 | Medium | 4.6 | 2023-12-15 | Multiple WSO2 products have been identified as vulnerable due to an XML External Entity (XXE) attack abuses a widely available but rarely used feature of XML p… |