WSO2 IDS Content Spoofing via URL Params
CVE-2024-6429 Published on September 23, 2025
Content Spoofing in Multiple WSO2 Products via Error Message Injection
A content spoofing vulnerability exists in multiple WSO2 products due to improper error message handling. Under certain conditions, error message text is carried in URL parameters and rendered without validation, so an attacker who gets a victim to open a crafted link can inject arbitrary text into the product's UI.
By exploiting this vulnerability, an attacker controls the error message the victim's browser displays on the legitimate site, which enables social engineering through deceptive or misleading content (for example, fake instructions shown on the real login page).
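The pattern described above, as an added example that is not WSO2 code: a vulnerable handler that echoes free-form error text from the URL, an escaped variant that blocks markup but still lets the attacker choose the wording, and a hardened variant that accepts only an error code and maps it to server-side text, followed by a reflection check you can run against any render function. The parameter names errorMsg and errorCode, the page template and the message table are assumptions constructed for this illustration.

```python
# Added example (not WSO2 code): the pattern behind CVE-2024-6429 and its fix.
# Parameter names (errorMsg, errorCode), the page template and the message
# table are assumptions constructed for this illustration.
import html
from urllib.parse import parse_qs, quote, urlsplit

# Constructed server-side allowlist: short error codes -> fixed display text.
ERROR_MESSAGES = {
    "invalid_credentials": "Login failed. Check your username and password.",
    "session_expired": "Your session has expired. Please sign in again.",
    "account_locked": "This account is locked. Contact your administrator.",
}
DEFAULT_ERROR = "An error occurred. Please try again."

PAGE = '<html><body><p class="error">{msg}</p></body></html>'


def _param(url: str, name: str) -> str:
    """Return the first value of a query parameter, or '' if absent."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def render_error_vulnerable(url: str) -> str:
    """The advisory's pattern: free-form text from the URL is shown as-is.
    The attacker controls the wording of the error (and, here, markup too)."""
    return PAGE.format(msg=_param(url, "errorMsg"))


def render_error_escaped(url: str) -> str:
    """Partial fix. Escaping prevents markup injection but NOT content
    spoofing: the attacker still chooses every word the victim reads."""
    return PAGE.format(msg=html.escape(_param(url, "errorMsg")))


def render_error_hardened(url: str) -> str:
    """Fix: the URL carries only an error code; the text comes from the
    server-side allowlist, and unknown codes fall back to a generic message."""
    code = _param(url, "errorCode")
    return PAGE.format(msg=html.escape(ERROR_MESSAGES.get(code, DEFAULT_ERROR)))


def reflects_attacker_text(render, param: str,
                           base: str = "https://idp.example/login") -> bool:
    """Check for the weakness: put a unique canary in the parameter and see
    whether it reaches the rendered page. Any render(url) function will do."""
    canary = "CSPOOF-7f3a9c"  # constructed marker, not a legitimate message
    return canary in render(f"{base}?{param}={quote(canary)}")


if __name__ == "__main__":
    # A phishing lure: the victim sees a fake instruction on the real login page.
    lure_text = "Your password has expired. Call +1-555-0100 to reset it."
    lure = "https://idp.example/login?errorMsg=" + quote(lure_text)
    print("vulnerable:", render_error_vulnerable(lure))
    print("escaped:   ", render_error_escaped(lure))  # lure text still shown
    print("hardened:  ", render_error_hardened(lure.replace("errorMsg", "errorCode")))
    for name, fn, param in [("vulnerable", render_error_vulnerable, "errorMsg"),
                            ("escaped", render_error_escaped, "errorMsg"),
                            ("hardened", render_error_hardened, "errorCode")]:
        print(f"{name}: reflects attacker text = {reflects_attacker_text(fn, param)}")
```

Running it shows the lure in both the vulnerable and the escaped output and only the generic fallback in the hardened one. The reflection check is the part worth carrying over: output encoding alone does not close this weakness, because the issue is who authors the message, not how it is encoded. The server must own the text and accept nothing from the URL except a code it can look up.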
Vulnerability Analysis
CVE-2024-6429 is exploitable over the network, requires user interaction (the victim must open a crafted link), and has low attack complexity. The recorded impact is none for confidentiality, none for integrity, and none for availability.
Weakness Type
User Interface (UI) Misrepresentation of Critical Information (CWE-451)
The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.
Products Associated with CVE-2024-6429
Affected Versions
WSO2 Identity Server as Key Manager:
- Version 5.10.0, updates below 5.10.0.338, is affected.
Other affected WSO2 products (version ranges as recorded for this CVE):
- Before 3.2.0: unknown.
- Version 3.2.0, updates below 3.2.0.409, is affected.
- Version 3.2.1, updates below 3.2.1.33, is affected.
- Version 4.0.0, updates below 4.0.0.327, is affected.
- Version 4.1.0, updates below 4.1.0.188, is affected.
- Version 4.2.0, updates below 4.2.0.128, is affected.
- Version 4.3.0, updates below 4.3.0.38, is affected.
- Version 4.4.0, updates below 4.4.0.4, is affected.
- Before 5.10.0: unknown.
- Version 5.10.0, updates below 5.10.0.314, is affected.
- Version 5.11.0, updates below 5.11.0.359, is affected.
- Version 6.0.0, updates below 6.0.0.203, is affected.
- Version 6.1.0, updates below 6.1.0.176, is affected.
- Version 7.0.0, updates below 7.0.0.48, is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.