CVE-2025-5605 | WSO2 Identity Server Management Console information disclosure

A vulnerability identified as problematic has been detected in WSO2 Identity Server, Enterprise Integrator, Universal Gateway, Traffic Manager, API Manager, API Control Plane, Identity Server as Key Manager, Open Banking AM, Open Banking IAM and org.wso2.carbon:org.wso2.carbon.ui. The impacted element is an unknown function of the component Management Console. The manipulation leads to information disclosure.

This vulnerability is referenced as CVE-2025-5605. The attack needs to be initiated within the local network. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More