Shellsniper

**Name of the Vulnerable Software and Affected Versions** Angular Redactor version 1.1.6 **Description** The issue allows for stored XSS attacks when HTML content mode is used in Imperavi Redactor 3. This can be demonstrated through the use of an `onerror` attribute of an `IMG` element. **Recommendations** For Angular Redactor version 1.1.6, update to a version that fixes this issue, as using the HTML content mode currently poses a risk of stored XSS attacks.

**Name of the Vulnerable Software and Affected Versions** Gleez CMS version 1.2.0 **Description** The issue allows for CSRF, as demonstrated by a "page/add" request. **Recommendations** For Gleez CMS version 1.2.0, consider implementing proper CSRF protection mechanisms to prevent exploitation.