Wso2 Wso2 Enterprise Service Bus
3 CVEs affecting Wso2 Wso2 Enterprise Service Bus. Latest disclosed: 2025-10-16. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-2905 | Critical | 9.1 | 2025-05-05 | Due to the improper configuration of XML parser, user-supplied XML is parsed without applying sufficient restrictions, enabling XML External Entity (XXE) resol… |
CVE-2024-7074 | Medium | 6.8 | 2025-06-02 | An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user input in SOAP admin services. A malicious actor with… |
CVE-2025-9955 | Medium | 5.7 | 2025-10-16 | An improper access control vulnerability exists in WSO2 Enterprise Integrator product due to insufficient permission restrictions on internal SOAP admin servic… |