CVE-2024-6429
published 2025-09-23


Priority: P4
CVSS 3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
EPSS: 0.20% (10.0th percentile)
A content spoofing vulnerability exists in multiple WSO2 products due to improper error message handling. Under certain conditions, error messages are passed through URL parameters without validation, allowing malicious actors to inject arbitrary content into the UI. By exploiting this vulnerability, attackers can manipulate browser-displayed error messages, enabling social engineering attacks through deceptive or misleading content.
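The pattern the advisory describes, as an added example that is not WSO2 code: a login page that takes its error text from a URL parameter can be made to say anything an attacker puts in a link, even when the text is HTML-escaped (so this is spoofing, not XSS). The hardened version accepts only a short error code and looks the message up server-side. The parameter names `errorMsg` and `errorCode`, the error-code table and the sample URLs are all constructed for this example.

```python
"""Content spoofing via a reflected error message, and the allowlist fix.

Added example; not code from WSO2 or from the advisory. Parameter names,
the error-code table and the sample URLs are constructed for illustration.
"""
import html
from urllib.parse import urlsplit, parse_qs

# Minimal page template standing in for a login/error page.
PAGE = '<h1>Sign in</h1><p class="error">{msg}</p>'


def _param(url: str, name: str) -> str:
    """Return the first value of query parameter `name`, or "" if absent."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def render_error_vulnerable(url: str) -> str:
    """Vulnerable pattern: the error text itself travels in the URL.

    Escaping blocks script injection, but the wording is still chosen by
    whoever crafted the link, which is exactly what a phishing lure needs.
    """
    msg = _param(url, "errorMsg")  # hypothetical parameter name
    return PAGE.format(msg=html.escape(msg))


# Server-side message table keyed by an opaque, short error code.
ERROR_TEXT = {
    "invalid_credentials": "The username or password is incorrect.",
    "session_expired": "Your session has expired. Please sign in again.",
}
DEFAULT_TEXT = "An error occurred. Please try again."


def render_error_hardened(url: str) -> str:
    """Hardened pattern: only a code is accepted from the URL.

    Unknown, empty or malformed codes fall back to a generic message, so no
    attacker-supplied wording can ever reach the page.
    """
    code = _param(url, "errorCode")  # hypothetical parameter name
    return PAGE.format(msg=ERROR_TEXT.get(code, DEFAULT_TEXT))


def is_spoofable(render, param: str, canary: str = "SPOOF-CANARY-7f3a") -> bool:
    """Black-box check a tester would run: does a canary placed in `param`
    come back verbatim in the rendered page?"""
    url = f"https://idp.example/login?{param}={canary}"
    return canary in render(url)


# Constructed phishing-style link: the "error" tells the victim to phone a number.
LURE = ("https://idp.example/login?errorMsg="
        "Your+account+is+locked.+Call+%2B1-555-0100+to+restore+access.")

if __name__ == "__main__":
    print(render_error_vulnerable(LURE))
    print(render_error_hardened(LURE))
    print("vulnerable spoofable:", is_spoofable(render_error_vulnerable, "errorMsg"))
    print("hardened spoofable:", is_spoofable(render_error_hardened, "errorCode"))
```

The check in `is_spoofable` is the whole test for this class of bug: if text you control in the request is echoed into a trusted page region, the page is spoofable regardless of whether it is escaped. The fix is to stop transporting free text at all and key messages by code, as `render_error_hardened` does.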

Affected

25 ranges (13 with version data; 12 product entries list no version range or fix)

Vendor  Product                               Version range             Fixed in
wso2    api_manager                           (7 entries, no range)     (not listed)
wso2    identity_server                       (5 entries, no range)     (not listed)
wso2    wso2_api_manager                      >= 3.2.0  < 3.2.0.409     3.2.0.409
wso2    wso2_api_manager                      >= 3.2.1  < 3.2.1.33      3.2.1.33
wso2    wso2_api_manager                      >= 4.0.0  < 4.0.0.327     4.0.0.327
wso2    wso2_api_manager                      >= 4.1.0  < 4.1.0.188     4.1.0.188
wso2    wso2_api_manager                      >= 4.2.0  < 4.2.0.128     4.2.0.128
wso2    wso2_api_manager                      >= 4.3.0  < 4.3.0.38      4.3.0.38
wso2    wso2_api_manager                      >= 4.4.0  < 4.4.0.4       4.4.0.4
wso2    wso2_identity_server                  >= 5.10.0 < 5.10.0.314    5.10.0.314
wso2    wso2_identity_server                  >= 5.11.0 < 5.11.0.359    5.11.0.359
wso2    wso2_identity_server                  >= 6.0.0  < 6.0.0.203     6.0.0.203
wso2    wso2_identity_server                  >= 6.1.0  < 6.1.0.176     6.1.0.176
wso2    wso2_identity_server                  >= 7.0.0  < 7.0.0.48      7.0.0.48
wso2    wso2_identity_server_as_key_manager   >= 5.10.0 < 5.10.0.338    5.10.0.338

The fourth version component in the "Fixed in" column is a WSO2 update level (the number of updates applied to the base release through WSO2 Update Manager), not a separate product release: an instance on base version 4.2.0 is affected until it has been updated to level 128 or later. Check the installed update level rather than the marketing version when deciding whether a deployment is fixed.