CVE-2025-5350

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-5350

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-5350.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-5350

Published

2025-10-24T10:15:38.910Z

Modified

2025-11-23T04:17:49.405098Z

Severity

4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try-It feature, which was accessible only to administrative users. This feature accepted user-supplied URLs without proper validation, leading to server-side request forgery (SSRF). Additionally, the retrieved content was directly reflected in the HTTP response, enabling reflected cross-site scripting (XSS) in the admin user's browser context.

By tricking an administrator into accessing a crafted link, an attacker could force the server to fetch malicious content and reflect it into the admin’s browser, leading to arbitrary JavaScript execution for UI manipulation or data exfiltration. While session cookies are protected with the HttpOnly flag, the XSS still poses a significant security risk.

Furthermore, SSRF can be used by a privileged user to query internal services, potentially aiding in internal network enumeration if the target endpoints are reachable from the affected product.

References

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4124/

Affected packages

Git / github.com/wso2/product-apim

Affected ranges

Type: GIT
Repo: https://github.com/wso2/product-apim
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

2971de274564b622974de831403e9688a4a76c14

Last affected

2d31e24faeeb97e70d7f19033ccff2f843f8c892

Last affected

572610e8e6564a647044bdb454eda658e1253352

Last affected

6e7a9db24a575f1f4a5bc4f4cbb41687c308c466

Last affected

9f152cad69fafd010fae1ed02b636409f0860b91

Last affected

c97258caec907ea69c289c80ff708a214c3372dc

Last affected

cf00d9e6cb083f94abae11818794f62cd5c94079

Last affected

e4956e9301b1c26eb06e80ec5c86628154b6ab55

Last affected

f84a64d6683176f3ffb57fa262f3035b69781f2f

Affected versions

test-tag-1.*

test-tag-1.9.0-Alpha

v1.*

v1.10.0

v1.10.0-Alpha

v1.10.0-Beta

v1.10.0-rc3

v1.10.0-rc4

v1.9.0

v1.9.0-Alpha

v1.9.0-Beta

v1.9.0-Beta-2

v1.9.0-Beta-3

v1.9.0-M2

v2.*

v2.0.0

v2.0.0-ALPHA

v2.0.0-BETA

v2.0.0-M1

v2.0.0-M2

v2.0.0-M3

v2.0.0-M4

v2.0.0-M5

v2.0.0-beta2

v2.0.0-rc1

v2.0.0-rc2

v2.0.0-rc3

v2.0.0-rc4

v2.0.0-rc5

v2.1.0-alpha

v2.1.0-update1

v2.1.0-update10

v2.1.0-update11

v2.1.0-update12

v2.1.0-update13

v2.1.0-update14

v2.1.0-update2

v2.1.0-update3

v2.1.0-update4

v2.1.0-update5

v2.1.0-update6

v2.1.0-update7

v2.1.0-update8

v2.1.0-update9

v2.2.0

v2.2.0-update1

v2.2.0-update2

v2.2.0-update3

v2.2.0-update4

v2.2.0-update5

v2.2.0-update6

v2.2.0-update7

v2.5.0

v2.5.0-Alpha

v2.5.0-Beta

v2.5.0-rc1

v2.5.0-rc2

v2.5.0-rc3

v2.5.0-rc4

v2.6.0

v2.6.0-alpha

v2.6.0-alpha2

v2.6.0-beta

v2.6.0-beta2

v2.6.0-m1

v2.6.0-m2

v2.6.0-rc1

v2.6.0-rc2

v2.6.0-rc3

v3.*

v3.0.0

v3.0.0-alpha

v3.0.0-alpha2

v3.0.0-beta

v3.0.0-m32

v3.0.0-m33

v3.0.0-m34

v3.0.0-m35

v3.0.0-rc1

v3.0.0-rc2

v3.0.0-rc3

v3.1.0

v3.1.0-alpha

v3.1.0-beta

v3.1.0-m1

v3.1.0-m2

v3.1.0-m3

v3.1.0-m4

v3.1.0-m5

v3.1.0-rc1

v3.1.0-rc2

v3.1.0-rc3