Vulnerability Database

Published: Mar 21, 2019
Updated: Nov 9, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2018-20737" target="_blank" rel="noopener"> CVE-2018-20737
Severity: Low
Exploit:

308,379

Total vulnerabilities in the database

An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. Reflected XSS exists in the carbon part of the product.

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
wso2 / api_manager	2.6.0	2.6.0.x
wso2 / identity_server	5.7.0	5.7.0.x
wso2 / identity_server_as_key_manager	5.7.0	5.7.0.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.