CVE-2018-1999021: Cross-site Scripting

July 23, 2018 (updated September 19, 2018)

Gleezcms Gleez CMS contains a Cross Site Scripting (XSS) vulnerability in Profile page that can result in Inject arbitrary web script or HTML via the profile page editor. This attack appear to be exploitable via The victim must navigate to the attacker’s profile page.

References

nvd.nist.gov/vuln/detail/CVE-2018-1999021

Detect and mitigate CVE-2018-1999021 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →