From 8bd4d9ffec5a262c87eac5eef28ee5e5eb62080e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=B9=8B=E4=B9=8E=E8=80=85=E4=B9=9F?= <zhzyker@gmail.com>
Date: Fri, 7 Apr 2023 11:32:03 +0800
Subject: [PATCH] Create CVE-2020-24589.md

---
 CVE-2020-24589.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 CVE-2020-24589.md

diff --git a/CVE-2020-24589.md b/CVE-2020-24589.md
new file mode 100644
index 0000000..ae890ac
--- /dev/null
+++ b/CVE-2020-24589.md
@@ -0,0 +1,12 @@
+## WSO2 API Manager save_artifact_ajaxprocessor.jsp XXE Vulnerability (CVE-2020-24589)
+
+|   **Vulnerability**  | **WSO2 API Manager save_artifact_ajaxprocessor.jsp XXE Vulnerability (CVE-2020-24589)**  |
+| :----:   | :-----|
+|  **Chinese name**  | WSO2 API Manager 系统 save_artifact_ajaxprocessor.jsp XXE 漏洞（CVE-2020-24589） |
+| **CVSS core**  | 9.1 |
+| **FOFA Query**  (click to view the results directly)| [title="WSO2" \|\| header="Server: WSO2 Carbon Server" \|\| banner="Server: WSO2 Carbon Server"](https://fofa.info/result?qbase64=dGl0bGU9IldTTzIiIHx8IGhlYWRlcj0iU2VydmVyOiBXU08yIENhcmJvbiBTZXJ2ZXIiIHx8IGJhbm5lcj0iU2VydmVyOiBXU08yIENhcmJvbiBTZXJ2ZXIi) |
+| **Number of assets affected**  | 15231 |
+| **Description**  | WSO2 API Manager is a set of API lifecycle management solutions from WSO2 in the United States. A vulnerability exists in WSO2 API Manager. The following products and versions are affected: WSO2 API Manager from version 3.1.0 and API Microgateway version 2.2.0, the attacker can read arbitrary files and detect intranet information, etc. |
+| **Impact** | A vulnerability exists in WSO2 API Manager. The following products and versions are affected: WSO2 API Manager from version 3.1.0 and API Microgateway version 2.2.0, the attacker can read arbitrary files and detect intranet information, etc. |
+
+![](https://s3.bmp.ovh/imgs/2023/04/07/92ab16512332fe0c.gif)