Vulnerabilities > Gleeztech > Gleezcms > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-09-07 CVE-2018-16704 Authorization Bypass Through User-Controlled Key vulnerability in Gleeztech Gleezcms 1.3.0
An issue was discovered in Gleez CMS v1.2.0.
network
low complexity
gleeztech CWE-639
4.3
2018-07-23 CVE-2018-1999021 Cross-site Scripting vulnerability in Gleeztech Gleezcms 1.3.0
Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) vulnerability in Profile page that can result in Inject arbitrary web script or HTML via the profile page editor.
network
low complexity
gleeztech CWE-79
5.4