XSS, CSRF Vulnerabilities identitified in WSO2 Identity Server

May 15, 2015


A handful of vulnerabilities have been identified in WSO2 Identity Server that could lead to takeover, firewall bypass, and potentially expose subsequent internal servers to further attacks.

The open source server software helps developers manage identities and keep track of web apps, services and APIs. Researchers at SEC Consult, a vulnerability lab headquartered in Austria, discovered the critical bugs in version 5.0.0 of the software in February and disclosed them on Wednesday.

Read More