CVE-2024-1440
published 2025-06-02


Priority: P4 (29)
CVSS 3.1: 6.1 (medium), vector AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.20% (10.2th percentile)
An open redirection vulnerability exists in multiple WSO2 products due to improper validation of the multi-option URL in the authentication endpoint when multi-option authentication is enabled. A malicious actor can craft a valid link that redirects users to an attacker-controlled site. By exploiting this vulnerability, an attacker may trick users into visiting a malicious page, enabling phishing attacks to harvest sensitive information or perform other harmful actions.
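The root cause described above is a redirect target that is accepted without checking where it points. The following is an added illustration (not WSO2's code; the allowlisted host names, the parameter name and the function names are assumptions) of the kind of check an authentication endpoint should apply before redirecting: relative paths are allowed only when they cannot be reinterpreted as a new origin, and absolute URLs are allowed only over HTTPS to an explicitly allowlisted host.

```python
from urllib.parse import urlsplit

# Constructed allowlist of hosts this deployment is permitted to redirect to.
ALLOWED_HOSTS = {"sso.example.com", "apps.example.com"}

# Characters that browsers may treat as path separators or that enable
# header injection; a redirect target containing any of them is rejected.
_FORBIDDEN = set("\\\r\n\t")


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Return True only if `target` is a same-origin relative path or an
    HTTPS URL whose host is on the allowlist."""
    if not target:
        return False
    if any(c in _FORBIDDEN or ord(c) < 0x20 for c in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. malformed IPv6 brackets
        return False
    if not parts.scheme and not parts.netloc:
        # Relative target: must start with exactly one slash. A leading "//"
        # is a scheme-relative URL and would carry the user off-site.
        return target.startswith("/") and not target.startswith("//")
    if parts.scheme.lower() != "https":
        return False
    # .hostname is lowercased and strips userinfo ("user@") and the port,
    # so "https://sso.example.com@evil.example/" resolves to evil.example.
    return parts.hostname in allowed_hosts


def resolve_redirect(target: str, default: str = "/") -> str:
    """Return the validated redirect target, or a safe default when the
    supplied value fails validation (instead of redirecting blindly)."""
    return target if is_safe_redirect(target) else default


if __name__ == "__main__":
    # Constructed sample values a multi-option authentication request might carry.
    samples = [
        "/dashboard?tab=home",
        "https://sso.example.com/commonauth",
        "//evil.example/phish",
        "https://sso.example.com@evil.example/",
        "javascript:alert(1)",
        "/\\evil.example",
    ]
    for s in samples:
        print(f"{s!r:45} -> {resolve_redirect(s)}")
```

`resolve_redirect` falls back to a fixed landing page rather than raising, so a tampered link degrades to a harmless redirect; logging the rejected value at that point also gives a simple detection signal for phishing campaigns that probe the endpoint.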

Affected

25 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wso2 | api_manager | | |
| wso2 | api_manager | | |
| wso2 | api_manager | | |
| wso2 | identity_server | | |
| wso2 | identity_server | | |
| wso2 | identity_server | | |
| wso2 | identity_server | | |
| wso2 | identity_server | | |
| wso2 | identity_server_as_key_manager | | |
| wso2 | wso2_api_manager | >= 3.1.0 < 3.1.0.262 | 3.1.0.262 |
| wso2 | wso2_api_manager | >= 3.2.0 < 3.2.0.344 | 3.2.0.344 |
| wso2 | wso2_api_manager | >= 4.0.0 < 4.0.0.296 | 4.0.0.296 |
| wso2 | wso2_carbon_identity_application_authentication_endpoint | >= 5.17.5 < 5.17.5.256 | 5.17.5.256 |
| wso2 | wso2_carbon_identity_application_authentication_endpoint | >= 5.18.187 < 5.18.187.257 | 5.18.187.257 |
| wso2 | wso2_carbon_identity_application_authentication_endpoint | >= 5.23.8 < 5.23.8.174 | 5.23.8.174 |
| wso2 | wso2_carbon_identity_application_authentication_endpoint | >= 5.25.92 < 5.25.92.77 | 5.25.92.77 |
| wso2 | wso2_carbon_identity_application_authentication_endpoint | >= 7.0.78 < 7.0.78.18 | 7.0.78.18 |
| wso2 | wso2_identity_server | >= 5.10.0 < 5.10.0.278 | 5.10.0.278 |
| wso2 | wso2_identity_server | >= 5.11.0 < 5.11.0.347 | 5.11.0.347 |
| wso2 | wso2_identity_server | >= 6.0.0 < 6.0.0.185 | 6.0.0.185 |
| wso2 | wso2_identity_server | >= 6.1.0 < 6.1.0.145 | 6.1.0.145 |
| wso2 | wso2_identity_server | >= 7.0.0 < 7.0.0.30 | 7.0.0.30 |
| wso2 | wso2_identity_server_as_key_manager | >= 5.10.0 < 5.10.0.298 | 5.10.0.298 |
| wso2 | wso2_open_banking_am | >= 2.0.0 < 2.0.0.308 | 2.0.0.308 |
| wso2 | wso2_open_banking_iam | >= 2.0.0 < 2.0.0.327 | 2.0.0.327 |