Filtered by vendor Wso2
Subscriptions
Filtered by product Siddhi Extension Evaluate Scripts
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5717 | 1 Wso2 | 5 Api Control Plane, Api Manager, Open Banking Am and 2 more | 2025-09-25 | 6.7 Medium |
| An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due to improper input validation in the event processor admin service. A user with administrative access to the SOAP admin services can exploit this flaw by deploying a Siddhi execution plan containing malicious Java code, resulting in arbitrary code execution on the server. Exploitation of this vulnerability requires a valid user account with administrative privileges, limiting the attack surface to authenticated but potentially malicious users. | ||||
Page 1 of 1.