CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Gleezcms: >> Gleez Cms >> 2.0 Security Vulnerabilities

CVE-2018-7035

Cross-site scripting (XSS) vulnerability in Gleez CMS 1.2.0 and 2.0 might allow remote attackers (users) to inject JavaScript via HTML content in an editor, which will result in Stored XSS when an Administrator tries to edit the same content, as demonstrated by use of the source editor for HTML mode in an Add Blog action.

CVSS Score

5.4

EPSS Score

0.002

Published

2018-04-05

Page 1

Vulnerabilities

Vulnerable Software

Gleezcms: >> Gleez Cms >> 2.0 Security Vulnerabilities

Products

Pricing

Contact Us