Vulnerabilities > Gravitee > API Management > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-23 | CVE-2019-25075 | Cross-site Scripting vulnerability in Gravitee API Management HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request. | 6.1 |