admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 18:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create CVE-2020-24589.md

Browse Source
This commit is contained in:
之乎者也 2023-04-07 11:32:03 +08:00 committed by GitHub
parent faa924bdf1
commit 8bd4d9ffec
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CVE-2020-24589.md Normal file
View File

@ -0,0 +1,12 @@
## WSO2 API Manager save_artifact_ajaxprocessor.jsp XXE Vulnerability (CVE-2020-24589)
| **Vulnerability** | **WSO2 API Manager save_artifact_ajaxprocessor.jsp XXE Vulnerability (CVE-2020-24589)** |
| :----: | :-----|
| **Chinese name** | WSO2 API Manager 系统 save_artifact_ajaxprocessor.jsp XXE 漏洞CVE-2020-24589 |
| **CVSS core** | 9.1 |
| **FOFA Query** (click to view the results directly)| [title="WSO2" \|\| header="Server: WSO2 Carbon Server" \|\| banner="Server: WSO2 Carbon Server"](https://fofa.info/result?qbase64=dGl0bGU9IldTTzIiIHx8IGhlYWRlcj0iU2VydmVyOiBXU08yIENhcmJvbiBTZXJ2ZXIiIHx8IGJhbm5lcj0iU2VydmVyOiBXU08yIENhcmJvbiBTZXJ2ZXIi) |
| **Number of assets affected** | 15231 |
| **Description** | WSO2 API Manager is a set of API lifecycle management solutions from WSO2 in the United States. A vulnerability exists in WSO2 API Manager. The following products and versions are affected: WSO2 API Manager from version 3.1.0 and API Microgateway version 2.2.0, the attacker can read arbitrary files and detect intranet information, etc. |
| **Impact** | A vulnerability exists in WSO2 API Manager. The following products and versions are affected: WSO2 API Manager from version 3.1.0 and API Microgateway version 2.2.0, the attacker can read arbitrary files and detect intranet information, etc. |
![](https://s3.bmp.ovh/imgs/2023/04/07/92ab16512332fe0c.gif)