Check Point Advisories

WSO2 Identity Server Cross Site Scripting (CVE-2018-8716)

Vulnerability
Protection

Check Point Reference:	CPAI-2018-2169
Date Published:	28 Nov 2022
Severity:	Medium
Last Updated:	Monday 28 November, 2022
Source:
Industry Reference:	CVE-2018-8716
Protection Provided by:	Security Gateway R81, R80, R77, R75
Who is Vulnerable?	WSO2 Identity Server 3.2.0 WSO2 Identity Server 3.2.3 WSO2 Identity Server 3.2.2 WSO2 Identity Server 4.1.0 WSO2 Identity Server 1.5.0 WSO2 Identity Server 5.2.0 WSO2 Identity Server 3.0.1 WSO2 Identity Server 2.0.2 WSO2 Identity Server 2.0.3 WSO2 Identity Server 2.0.0 WSO2 Identity Server 2.0.1 WSO2 Identity Server 4.0.0 WSO2 Identity Server 4.5.0 WSO2 Identity Server 5.4.0 WSO2 Identity Server 5.3.0 WSO2 Identity Server 4.6.0 WSO2 Identity Server 5.1.0 WSO2 Identity Server 3.0.0 WSO2 Identity Server 5.0.0
Vulnerability Description	A cross-site scripting vulnerability exists in WSO2 Identity Server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system.

Protection Overview

This protection detects attempts to exploit this vulnerability.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R81 / R80 / R77 / R75

In the IPS tab, click Protections and find the WSO2 Identity Server Cross Site Scripting (CVE-2018-8716) protection using the Search tool and Edit the protection's settings.
Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name: Web Server Enforcement Violation.
Attack Information: WSO2 Identity Server Cross Site Scripting (CVE-2018-8716)