CVE-2025-6670 | WSO2 Open Banking AM Admin Service cross-site request forgery

A vulnerability was found in WSO2 Open Banking AM, Open Banking IAM, Traffic Manager, Universal Gateway, API Control Plane, API Manager, Identity Server, Identity Server as Key Manager, Enterprise Integrator and org.wso2.carbon:org.wso2.carbon.ui. It has been classified as problematic. This affects an unknown part of the component Admin Service. This manipulation causes cross-site request forgery.

This vulnerability is registered as CVE-2025-6670. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More