Gravitee: >> Api Management >> 0.11.0 Security Vulnerabilities
Gravitee API Management before 3.15.13 allows path traversal through HTML injection.
CVSS Score
8.6
EPSS Score
0.005
Published
2023-01-03
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request.
CVSS Score
6.1
EPSS Score
0.004
Published
2022-08-23