Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS13N3J4LTgyNHYtcmd4Nc4AA3y_
WSO2 API Manager allows attackers to change the API rating
Multiple WSO2 products have been identified as vulnerable due to a lack of server-side input validation in the Forum feature, which allows the API rating to be manipulated.
Permalink: https://github.com/advisories/GHSA-w7rx-824v-rgx5
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS13N3J4LTgyNHYtcmd4Nc4AA3y_
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 12 months ago
Updated: 11 months ago
CVSS Score: 4.3
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Identifiers: GHSA-w7rx-824v-rgx5, CVE-2023-6835
References:
- https://nvd.nist.gov/vuln/detail/CVE-2023-6835
- https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2021/WSO2-2021-1357/
- https://github.com/wso2/carbon-apimgt/commit/2e9591b72bc286dfcd22b57768e984d867c902ba
- https://github.com/wso2/carbon-apimgt/blob/81e0c0b8ed0bd2dace1e9006be21acbb731c835e/components/forum/org.wso2.carbon.forum/src/main/java/org/wso2/carbon/forum/registry/RegistryForumManager.java#L762
- https://github.com/advisories/GHSA-w7rx-824v-rgx5
Blast Radius: 1.0
Affected Packages
maven:org.wso2.carbon.apimgt:forum
Dependent packages: 0
Dependent repositories: 0
Downloads:
Affected Version Ranges: <= 9.0.78
No known fixed version
All affected versions: 6.6.42, 6.6.43, 6.6.44, 6.6.45, 6.6.46, 6.6.47, 6.6.48, 6.6.49, 6.6.50, 6.6.51, 6.6.52, 6.6.53, 6.6.54, 6.6.55, 6.6.56, 6.6.57, 6.6.58, 6.6.59, 6.6.60, 6.6.61, 6.6.62, 6.6.63, 6.6.64, 6.6.65, 6.6.66, 6.6.67, 6.6.68, 6.6.69, 6.6.70, 6.6.71, 6.6.72, 6.6.73, 6.6.74, 6.6.75, 6.6.76, 6.6.77, 6.6.78, 6.6.79, 6.6.80, 6.6.81, 6.6.82, 6.6.83, 6.6.84, 6.6.85, 6.6.86, 6.6.87, 6.6.88, 6.6.89, 6.6.90, 6.6.91, 6.6.92, 6.6.93, 6.6.94, 6.6.95, 6.6.96, 6.6.97, 6.6.98, 6.6.99, 6.6.100, 6.6.101, 6.6.102, 6.6.103, 6.6.104, 6.6.105, 6.6.106, 6.6.107, 6.6.108, 6.6.109, 6.6.110, 6.6.111, 6.6.112, 6.6.113, 6.6.114, 6.6.115, 6.6.116, 6.6.117, 6.6.118, 6.6.119, 6.6.120, 6.6.121, 6.6.122, 6.6.123, 6.6.124, 6.6.125, 6.6.126, 6.6.127, 6.6.128, 6.6.129, 6.6.130, 6.6.131, 6.6.132, 6.6.133, 6.6.134, 6.6.135, 6.6.136, 6.6.137, 6.6.138, 6.6.139, 6.6.140, 6.6.141, 6.6.142, 6.6.143, 6.6.144, 6.6.145, 6.6.146, 6.6.147, 6.6.148, 6.6.149, 6.6.150, 6.6.151, 6.6.152, 6.6.153, 6.6.154, 6.6.155, 6.6.156, 6.6.157, 6.6.158, 6.6.159, 6.6.160, 6.6.161, 6.6.162, 6.6.163, 6.6.164, 6.6.165, 6.6.166, 6.6.167, 6.6.168, 6.6.169, 6.6.170, 6.6.171, 6.6.172, 6.6.173, 6.6.174, 6.6.175, 6.6.176, 6.6.177, 6.6.178, 6.6.179, 6.6.180, 6.6.181, 6.6.182, 6.6.183, 6.6.184, 6.6.185, 6.6.186, 6.6.187, 6.6.188, 6.6.189, 6.6.190, 6.6.191, 6.6.192, 6.6.193, 6.6.194, 6.6.195, 6.6.196, 6.6.197, 6.6.198, 6.6.199, 6.6.200, 6.6.201, 6.6.202, 6.6.203, 6.6.204, 6.6.205, 6.6.206, 6.6.207, 6.6.208, 6.6.209, 6.6.210, 6.6.211, 6.6.212, 6.6.213, 6.6.214, 6.6.215, 6.6.216, 6.6.217, 6.6.218, 6.6.219, 6.6.220, 6.6.221, 6.6.222, 6.6.223, 6.6.224, 6.6.225, 6.6.226, 6.6.227, 6.6.228, 6.6.229, 6.6.230, 6.6.231, 6.6.232, 6.6.233, 6.6.234, 6.6.235, 6.6.236, 6.6.237, 6.6.238, 6.6.239, 6.6.240, 6.6.241, 6.6.242, 6.6.243, 6.6.244, 6.6.245, 6.6.246, 6.6.247, 6.6.248, 6.6.249, 6.6.250, 6.6.251, 6.6.252, 6.6.253, 6.6.254, 6.6.255, 6.6.256, 6.6.257, 6.6.258, 6.6.259, 6.6.260, 6.6.261, 6.6.262, 6.6.263, 6.6.264, 6.6.265, 6.6.266, 6.6.267, 
6.6.268, 6.6.269, 6.6.270, 6.6.271, 6.6.272, 6.6.273, 6.6.274, 6.7.0, 6.7.1, 6.7.2, 6.7.3, 6.7.4, 6.7.5, 6.7.6, 6.7.7, 6.7.8, 6.7.9, 6.7.10, 6.7.11, 6.7.12, 6.7.13, 6.7.14, 6.7.15, 6.7.16, 6.7.17, 6.7.18, 6.7.19, 6.7.20, 6.7.21, 6.7.22, 6.7.23, 6.7.24, 6.7.25, 6.7.26, 6.7.27, 6.7.28, 6.7.29, 6.7.30, 6.7.31, 6.7.32, 6.7.33, 6.7.34, 6.7.35, 6.7.36, 6.7.37, 6.7.38, 6.7.39, 6.7.40, 6.7.41, 6.7.42, 6.7.43, 6.7.44, 6.7.45, 6.7.46, 6.7.47, 6.7.48, 6.7.49, 6.7.50, 6.7.51, 6.7.52, 6.7.53, 6.7.54, 6.7.55, 6.7.56, 6.7.57, 6.7.58, 6.7.59, 6.7.60, 6.7.61, 6.7.62, 6.7.63, 6.7.64, 6.7.65, 6.7.66, 6.7.67, 6.7.68, 6.7.69, 6.7.70, 6.7.71, 6.7.72, 6.7.73, 6.7.74, 6.7.75, 6.7.76, 6.7.77, 6.7.78, 6.7.79, 6.7.80, 6.7.81, 6.7.82, 6.7.83, 6.7.84, 6.7.85, 6.7.86, 6.7.87, 6.7.88, 6.7.89, 6.7.90, 6.7.91, 6.7.92, 6.7.93, 6.7.94, 6.7.95, 6.7.96, 6.7.97, 6.7.98, 6.7.99, 6.7.100, 6.7.101, 6.7.102, 6.7.103, 6.7.104, 6.7.105, 6.7.106, 6.7.107, 6.7.108, 6.7.109, 6.7.110, 6.7.111, 6.7.112, 6.7.114, 6.7.115, 6.7.116, 6.7.117, 6.7.118, 6.7.119, 6.7.120, 6.7.121, 6.7.122, 6.7.123, 6.7.124, 6.7.125, 6.7.126, 6.7.127, 6.7.128, 6.7.129, 6.7.130, 6.7.131, 6.7.132, 6.7.133, 6.7.134, 6.7.135, 6.7.136, 6.7.137, 6.7.138, 6.7.139, 6.7.140, 6.7.141, 6.7.142, 6.7.143, 6.7.144, 6.7.145, 6.7.146, 6.7.147, 6.7.148, 6.7.149, 6.7.150, 6.7.151, 6.7.152, 6.7.153, 6.7.154, 6.7.155, 6.7.156, 6.7.157, 6.7.158, 6.7.159, 6.7.160, 6.7.161, 6.7.162, 6.7.163, 6.7.164, 6.7.165, 6.7.166, 6.7.167, 6.7.168, 6.7.169, 6.7.170, 6.7.171, 6.7.173, 6.7.174, 6.7.175, 6.7.176, 6.7.177, 6.7.178, 6.7.179, 6.7.180, 6.7.181, 6.7.182, 6.7.183, 6.7.184, 6.7.185, 6.7.186, 6.7.187, 6.7.188, 6.7.189, 6.7.190, 6.7.191, 6.7.192, 6.7.193, 6.7.194, 6.7.195, 6.7.196, 6.7.197, 6.7.198, 6.7.199, 6.7.200, 6.7.201, 6.7.202, 6.7.203, 6.7.204, 6.7.205, 6.7.206, 6.7.207, 6.7.208, 6.7.209, 6.8.0, 6.8.1, 6.8.2, 6.8.3, 6.8.4, 6.8.5, 6.8.6, 6.8.7, 6.8.8, 6.8.9, 6.8.10, 6.8.11, 6.8.12, 6.8.13, 6.8.14, 6.8.15, 6.8.16, 6.8.17, 6.8.18, 6.8.19, 6.8.20, 6.8.21, 6.8.22, 
6.8.23, 6.8.24, 6.8.25, 6.8.26, 6.8.27, 6.8.28, 6.8.29, 6.8.30, 6.8.31, 6.8.32, 6.8.33, 6.8.34, 6.8.35, 6.8.36, 6.8.37, 6.8.38, 6.8.39, 6.8.40, 6.8.41, 6.8.42, 6.8.43, 6.8.44, 6.8.45, 6.8.46, 6.8.47, 6.8.48, 6.8.49, 6.8.50, 6.8.51, 6.8.52, 6.8.53, 6.8.54, 6.8.55, 6.8.56, 6.8.57, 6.8.58, 6.8.59, 6.8.60, 6.8.61, 6.8.62, 6.8.63, 6.8.64, 6.8.65, 6.8.66, 6.8.67, 6.8.68, 6.8.69, 6.8.70, 6.8.71, 6.8.72, 6.8.73, 6.8.74, 6.8.75, 6.8.76, 6.8.77, 6.8.78, 6.8.79, 6.8.80, 6.8.81, 6.8.82, 6.8.83, 6.8.84, 6.8.85, 6.8.86, 6.8.87, 6.8.88, 6.8.89, 6.8.90, 6.8.91, 6.8.92, 6.8.93, 6.8.94, 6.8.95, 6.8.96, 6.8.97, 6.8.98, 6.8.99, 6.8.100, 6.8.101, 6.8.102, 6.8.103, 6.8.104, 6.8.105, 6.8.106, 6.8.107, 6.8.108, 6.8.109, 6.8.110, 6.8.111, 6.8.112, 6.8.113, 6.8.114, 6.8.115, 6.8.116, 6.8.117, 6.8.118, 6.8.119, 6.8.120, 6.8.121, 6.8.122, 6.8.123, 6.8.124, 6.8.125, 6.8.126, 6.8.127, 6.8.128, 6.8.129, 6.8.130, 6.8.131, 6.8.132, 6.8.133, 6.8.134, 6.8.135, 6.8.136, 6.8.137, 6.8.138, 6.8.139, 6.8.140, 6.8.141, 6.8.142, 6.8.143, 6.8.144, 6.8.145, 6.8.146, 6.8.147, 6.8.148, 6.8.149, 6.8.150, 6.8.151, 6.8.152, 6.8.153, 6.8.154, 6.8.155, 6.8.156, 6.8.157, 6.8.158, 6.8.159, 6.8.160, 6.8.161, 6.8.162, 6.8.163, 6.8.164, 6.8.165, 6.8.166, 6.8.167, 6.8.168, 6.8.169, 6.8.170, 6.8.171, 6.8.172, 6.8.173, 6.8.174, 6.8.175, 6.8.176, 6.8.177, 6.8.178, 6.8.179, 6.8.180, 6.8.181, 6.8.182, 6.8.183, 6.8.184, 6.8.186, 6.8.187, 6.8.188, 6.8.189, 6.8.190, 6.8.191, 6.8.192, 6.8.193, 6.8.194, 6.8.195, 6.8.196, 6.8.197, 6.8.198, 6.8.199, 6.8.200, 6.8.201, 6.8.202, 6.8.203, 6.8.204, 6.8.205, 6.8.206, 6.8.207, 6.8.208, 6.8.209, 6.8.210, 6.8.211, 6.8.212, 6.8.213, 6.8.214, 6.8.215, 6.8.216, 6.8.217, 6.8.218, 6.8.219, 6.8.220, 6.8.221, 6.8.222, 6.8.223, 6.8.224, 6.8.225, 6.8.226, 6.8.227, 6.8.228, 6.8.229, 6.8.230, 6.8.231, 6.8.232, 6.8.233, 6.8.234, 6.8.235, 6.8.236, 6.8.237, 6.8.238, 6.8.239, 6.8.240, 6.8.241, 6.8.242, 6.8.243, 6.8.244, 6.8.245, 6.8.246, 6.8.247, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.1.0, 8.1.1, 8.2.0, 8.2.1, 
8.2.2, 8.2.3, 8.2.4, 8.2.5, 8.2.6, 8.2.7, 8.2.8, 8.2.9, 8.2.10, 9.0.0, 9.0.1, 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.0.6, 9.0.7, 9.0.8, 9.0.9, 9.0.10, 9.0.11, 9.0.12, 9.0.13, 9.0.14, 9.0.15, 9.0.16, 9.0.17, 9.0.18, 9.0.19, 9.0.20, 9.0.21, 9.0.22, 9.0.23, 9.0.24, 9.0.25, 9.0.26, 9.0.27, 9.0.28, 9.0.29, 9.0.30, 9.0.31, 9.0.32, 9.0.33, 9.0.34, 9.0.35, 9.0.36, 9.0.37, 9.0.38, 9.0.39, 9.0.40, 9.0.41, 9.0.42, 9.0.43, 9.0.44, 9.0.45, 9.0.46, 9.0.47, 9.0.48, 9.0.49, 9.0.50, 9.0.51, 9.0.52, 9.0.53, 9.0.54, 9.0.55, 9.0.56, 9.0.57, 9.0.58, 9.0.59, 9.0.60, 9.0.61, 9.0.62, 9.0.63, 9.0.64, 9.0.65, 9.0.66, 9.0.67, 9.0.68, 9.0.69, 9.0.70, 9.0.71, 9.0.72, 9.0.73, 9.0.74, 9.0.75, 9.0.76, 9.0.77, 9.0.78