A vulnerability classified as critical was found in WSO2 API Manager, Universal Gateway, Traffic Manager, API Control Plane, Carbon API Gateway and Carbon API Management Implementation . The impacted element is an unknown function of the component Webhook API . Such manipulation leads to injection. This vulnerability is referenced as CVE-2025-8154 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.