SECURITY ADVISORY WSO2-2023-2935

Published: May 31, 2024

Version: 1.0.0

Severity: Medium

CVSS Score: 4.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N)


AFFECTED PRODUCTS

  • WSO2 Micro Gateway Toolkit: 3.2.0

OVERVIEW

Potential Reflected Cross-Site Scripting (XSS) has been identified in the error page of WSO2 Micro Gateway.

DESCRIPTION

WSO2 Micro Gateway responds with 'text/plain' as the Content-Type of its error pages and does not apply output encoding to the reflected content. Modern browsers honor the Content-Type header and render 'text/plain' responses as plain text without performing HTML content sniffing. However, certain older browsers perform content sniffing and do not honor the Content-Type header; in those browsers the reflected content could be interpreted as HTML and the issue could be used to perform XSS.

IMPACT

The recommended solution is to apply the provided patch/update to the affected versions of the products. If any instructions are given with the patch/update, please make sure they are followed properly. The fix adds the X-Content-Type-Options: nosniff header to error page responses, preventing browsers from performing content sniffing.
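The following is an added example, not code from WSO2 or from this advisory: a small audit routine that takes an HTTP error response (headers and body, here constructed inline) together with the probe string that was sent, and reports whether the response has the two properties described above, reflection without output encoding and a text/plain body served without X-Content-Type-Options: nosniff. The sample responses and the probe value are constructed for illustration.

```python
"""Audit an error response for the weakness described in this advisory:
plain-text error page that reflects request input unencoded and is served
without the X-Content-Type-Options: nosniff header."""
import html
from typing import Dict, List, Tuple

# Constructed probe: markup a tester might place in a request path to see
# whether the error page echoes it back verbatim.
PROBE = "<b>probe-1234</b>"

# Constructed 'before fix' response: text/plain, probe reflected raw, no nosniff.
UNPATCHED: Tuple[Dict[str, str], str] = (
    {"Content-Type": "text/plain"},
    f"Error: no matching resource for /api/{PROBE}",
)

# Constructed 'after fix' response: identical body, nosniff header added.
PATCHED: Tuple[Dict[str, str], str] = (
    {"Content-Type": "text/plain", "X-Content-Type-Options": "nosniff"},
    f"Error: no matching resource for /api/{PROBE}",
)


def _header(headers: Dict[str, str], name: str) -> str:
    """Case-insensitive header lookup; HTTP header names are case-insensitive."""
    return next((v.strip() for k, v in headers.items() if k.lower() == name.lower()), "")


def assess_error_response(headers: Dict[str, str], body: str, probe: str) -> List[str]:
    """Return a list of findings; an empty list means neither weakness is present."""
    findings: List[str] = []
    # Strip any ';charset=...' parameter before comparing the media type.
    media_type = _header(headers, "Content-Type").split(";")[0].strip().lower()
    nosniff = _header(headers, "X-Content-Type-Options").lower() == "nosniff"

    # Output-encoding check: the probe appearing verbatim (rather than as its
    # HTML-escaped form) means the error page echoes input without encoding.
    if probe in body and html.escape(probe) not in body:
        findings.append("probe reflected without output encoding")

    # Sniffing check: this is the condition the advisory's fix removes. A browser
    # that ignores Content-Type may treat reflected markup in a text/plain body
    # as HTML unless nosniff is present.
    if media_type == "text/plain" and not nosniff:
        findings.append("text/plain body without X-Content-Type-Options: nosniff")
    return findings
```

Running `assess_error_response(*UNPATCHED, PROBE)` reports both findings, while the patched response reports only the missing output encoding, which is why the header is a mitigation for sniffing browsers rather than a replacement for encoding.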

SOLUTION

If the latest version of the affected WSO2 product is not mentioned under the affected product list, you may migrate to the latest version to receive security fixes. Otherwise, you may apply the relevant fixes to the product based on the public fix:

If you are a WSO2 customer with Support Subscription, please use WSO2 Updates in order to apply the fix.