Wso2 Carbon Api Gateway
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Wso2 Carbon Api Gateway.
By the Year
In 2026 there have been 1 vulnerability in Wso2 Carbon Api Gateway with an average score of 5.3 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 5.30 |
It may take a day or so for new Wso2 Carbon Api Gateway vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Wso2 Carbon Api Gateway Security Vulnerabilities
WSO2 API Manager Webhook HTTP Header Injection
CVE-2025-8154
5.3 - Medium
- May 11, 2026
In Webhook API invocations, the component accepts user-supplied input for HTTP request headers without sufficient validation or sanitization, allowing these headers to be injected into HTTP responses. By exploiting this vulnerability, a malicious actor can inject or overwrite arbitrary HTTP response headers. This can lead to various adverse effects, including the manipulation of browser caching, alteration of security-related headers, and the injection of sensitive information such as cookie values, potentially enabling session hijacking or other malicious activities.
Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Wso2 Carbon Api Gateway or by Wso2? Click the Watch button to subscribe.
