Vulnerabilities > Gravitee

DATE CVE VULNERABILITY TITLE RISK
2023-01-03 CVE-2022-38723 Path Traversal vulnerability in Gravitee API Management
Gravitee API Management before 3.15.13 allows path traversal through HTML injection.
network
low complexity
gravitee CWE-22
8.6
2022-08-23 CVE-2019-25075 Cross-site Scripting vulnerability in Gravitee API Management
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request.
network
low complexity
gravitee CWE-79
6.1