A newly disclosed vulnerability, CVE-2024-6914, has shocked the enterprise software community, affecting a wide range of WSO2 products. The flaw, rated with a CVSS score of 9.8 (Critical), stems from an incorrect authorization mechanism in the account recovery-related SOAP admin service. This business logic error allows attackers to exploit the service and reset the password […]

The post Severe WSO2 SOAP Flaw Allows Unauthorized Password Resets for Any Use appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Anupriya

Source: gbHackers
Source Link: https://gbhackers.com/severe-wso2-soap-flaw/