Vulnerabilities (CVE)

Filtered by vendor Gravitee Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38723 1 Gravitee 1 Api Management 2024-11-21 N/A 8.6 HIGH
Gravitee API Management before 3.15.13 allows path traversal through HTML injection.
CVE-2019-25075 1 Gravitee 1 Api Management 2024-11-21 N/A 6.1 MEDIUM
HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request.