CVE-2020-25516: WSO2 Enterprise Integrator Stored XSS

Vulnerability Overview

WSO2 Enterprise Integrator (WSO2 EI), a hybrid integration platform, contains an XSS vulnerability in its BPMN Explorer component.

Description

- Exploit: Attackers can inject XSS payloads via comments in BPMN Explorer tasks.
- Storage: The malicious payload is stored and executed whenever the task is loaded.
- Cause: The vulnerability is due to the lack of proper input sanitization in .

Impact

- Redirect to malicious sites.
- Retrieve browser information.
- Various other harmful actions, albeit not including session hijacking due to httpOnly flags.

Timeline

- 2020-05-29: Reported to WSO2.
- 2020-07-07: Security fix in progress.
- 2020-09-10: CVE obtained.
- 2020-10-29: Public disclosure.

Proof of Concept (POC)

1. Log into BPMN Explorer.
2. Locate a task in "SEARCH".
3. Add a comment containing the XSS payload.
4. The payload will execute when the task is accessed.

Suggested Mitigation

- Validate input upon arrival.
- Use HTML encoding for user input.
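
The two suggested mitigations, shown as an added example that is not WSO2's code and not part of the original advisory: a comment is validated on arrival and HTML-encoded when rendered, next to the unencoded rendering that makes a stored comment executable. All function names, the length limit, the markup and the sample comments are assumptions made for illustration.

```javascript
// Added illustration, not WSO2 code. Every name below is hypothetical.
const MAX_COMMENT_LENGTH = 2000; // assumed limit, not taken from the product

// Validate on arrival: accept only a bounded string without control characters.
// This narrows what gets stored, but markup-like text still passes, so it
// cannot replace output encoding.
function validateComment(input) {
  if (typeof input !== "string") return { ok: false, reason: "not a string" };
  const text = input.trim();
  if (text.length === 0) return { ok: false, reason: "empty" };
  if (text.length > MAX_COMMENT_LENGTH) return { ok: false, reason: "too long" };
  if (/[\u0000-\u0008\u000B\u000C\u000E-\u001F\u007F]/.test(text)) {
    return { ok: false, reason: "control characters" };
  }
  return { ok: true, value: text };
}

// Encode on output: replace the characters that are significant in HTML text
// and quoted attribute values.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };
function encodeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the stored comment is concatenated into markup unchanged.
function renderCommentUnsafe(comment) {
  return '<li class="comment">' + comment + "</li>";
}

// Hardened pattern: same markup, stored comment encoded at render time.
function renderCommentSafe(comment) {
  return '<li class="comment">' + encodeHtml(comment) + "</li>";
}

// Constructed sample comments (not taken from the advisory).
const SAMPLE_COMMENTS = [
  "Approved, see ticket 42",
  "<script>alert(1)</script>",
  'Tom & "Jerry" <b>review</b>',
];

// Returns, per sample, the validation verdict and both renderings.
function demo() {
  return SAMPLE_COMMENTS.map((c) => ({
    accepted: validateComment(c).ok,
    unsafe: renderCommentUnsafe(c),
    safe: renderCommentSafe(c),
  }));
}
```

The second sample passes validation yet renders as inert text only in the encoded version, which is why both controls are listed.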