CVE-2025-10503 - Reflected Cross-Site Scripting via Authentication Endpoint in WSO2 Identity Server
CVE ID :CVE-2025-10503 Published : April 29, 2026, 8:08 a.m. | 1 hour, 17 minutes ago Description :The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allows for the injection of malicious
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Critical Flaw Turns Vect Ransomware into Data Destroying Wiper
- [CYBER] CISA orders feds to patch Windows flaw exploited as zero-day
- [CYBER] Porn clip plays during virtual hearing in Delhi High Court, litigant claims hack
- [CYBER] CVE-2026-42167 Allows Auth Bypass And RCE In ProFTPD
- [CYBER] CISA, Microsoft warn of active exploitation of Windows Shell vulnerability (CVE-2026-32202)
- [CYBER] Ransomware accidentally destroys all files larger than 128KB, preventing decryption — VECT code likely partly vibe coded with AI or used an old code base, security researchers suggest