Gespage: >> Gespage >> 7.5.7 Security Vulnerabilities
Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.
CVSS Score
7.5
EPSS Score
0.759
Published
2021-07-12
Cross-site scripting (XSS) vulnerabilities in version 7.5.7 of Gespage software allow remote attackers to inject arbitrary web script or HTML via the email, passwd, and repasswd parameters to webapp/users/user_reg.jsp.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-03-30