CVE-2025-8154 - HTTP Header Injection via Webhook API in Multiple WSO2 Products Allows Response Header Manipulation
CVE ID :CVE-2025-8154 Published : May 11, 2026, 10:16 a.m. | 49 minutes ago Description :In Webhook API invocations, the component accepts user-supplied input for HTTP request headers without sufficient validation or sanitization, allowing these headers to be injected into HTTP responses. By
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Ronin set to transition to Ethereum layer 2 from independent sidechain
- [CYBER] Python Infostealer Hides in GitHub Releases to Bypass Detection
- [CYBER] PHP SOAP Extension Flaw Could Let Attackers Execute Code Remotely
- [CYBER] Construction to Cyber PM
- [CYBER] Cyber Espionage Group Targets Aviation Firms to Steal Map Data
- [CYBER] Skoda Data Breach Hits Online Shop Customers