Cross Site Scripting (XSS) Vulnerability in Gleez CMS 1.3.0 Profile Page Editor

Cross Site Scripting (XSS) Vulnerability in Gleez CMS 1.3.0 Profile Page Editor

CVE-2018-1999021 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) vulnerability in Profile page that can result in Inject arbitrary web script or HTML via the profile page editor. This attack appear to be exploitable via The victim must navigate to the attacker's profile page.

Learn more about our Web App Pen Testing.