CVE-2025-4760 | WSO2 API Manager cross site scripting

A vulnerability was found in WSO2 API Manager, API Control Plane, Universal Gateway, Traffic Manager and Carbon API Management API. It has been declared as problematic. Affected is an unknown function. The manipulation results in cross site scripting.

This vulnerability is reported as CVE-2025-4760. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More