CVE-2018-16704: Information Exposure

September 7, 2018 (updated November 14, 2018)

An issue was discovered in Gleez CMS. Because of an Insecure Direct Object Reference vulnerability, it is possible for attackers (logged-in users) to view profile page of other users.

References

nvd.nist.gov/vuln/detail/CVE-2018-16704

Detect and mitigate CVE-2018-16704 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →