CVE-2018-20737 An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. Reflected XSS exists in the carbon part of the product. Source: NIST March 21, 2019 by admin Uncategorized