PT-2018-15200 · Gleez · Gleez Cms

Ghost · Published 2018-07-23 · Updated 2022-05-14 · CVE-2018-1999021

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Gleez Cms version 1.3.0

Description: A Cross Site Scripting (XSS) vulnerability in the Profile page can lead to the injection of arbitrary web script or HTML via the profile page editor. It can be exploited when the victim navigates to the attacker's profile page.

Recommendations: For version 1.3.0, consider disabling the profile page editor as a temporary workaround until a patch is available. Restrict access to the profile page to minimize the risk of exploitation. Avoid using the profile page editor until the issue is resolved.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2018-1999021
GHSA-Q9G7-PFF4-548R

Affected Products

Gleez Cms