wso2 api manager have xss issue

Question

I'm using WSO2 API MANAGER VERSION 1.10.0

Sample API published with script description in publisher portal

and i open the api detail in store portal

setting carbon.xml is below

<XSSPreventionConfig>
     <Enabled>true</Enabled>
     <Rule>allow</Rule>
     <!--Patterns>
         <Pattern></Pattern>
     </Patterns-->
</XSSPreventionConfig>

How can I solve it with setting?

Bee Bee · Accepted Answer · 2016-10-25T05:29:29

You can download security patches for APIM 1.10.0 from here. This is already fixed in them.

wso2 api manager have xss issue

1 Answers