CNNVD-202509-3673 Information

Sep 23, 2025 cve

CNNVD ID

CNNVD-202509-3673

CVE-2025-0209

CNNVD Published: 2025-09-23

Description (Chinese)

WSO2 Identity Server（IS）是美国WSO2公司的一款身份认证服务器。 WSO2 Identity Server（IS）存在安全漏洞，该漏洞源于输出编码不当，可能导致反射型跨站脚本攻击。

Description (English)

WO2 Infrastructure Server (IS) is an identification server for WSO2 in the United States. There is a security loophole in WO2 Infrastructure Server (IS), which stems from inappropriate output coding and may lead to a reflector-type cross-site scrip attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

WSO2

Published

2025-09-23

Last Modified

2026-02-24

References

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3902/

Patch

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3902/

Share on: