CVE-2020-25516 – WSO2 Enterprise Integrator 6.6.0 or earlier contains a stored cross-site

WSO2 Enterprise Integrator 6.6.0 or earlier contains a stored cross-site scripting (XSS) vulnerability in BPMN explorer tasks.

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25516

Reference (s):

• https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0781
• https://github.com/piuppi/Proof-of-Concepts/blob/main/WSO2/CVE-2020-25516.md