PT-2024-10905 · Gleez Cms · Gleez Cms

Liotree · Published 2024-04-02 · Updated 2024-08-28 · CVE-2021-27312

CVSS v3.1: 9.4 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions

Gleez Cms version 1.2.0

Description

The issue allows remote attackers to execute arbitrary code and obtain sensitive information via modules/gleez/classes/request.php. This is a Server Side Request Forgery (SSRF) vulnerability.

Recommendations

For Gleez Cms version 1.2.0, consider disabling the request.php file in the modules/gleez/classes directory as a temporary workaround until a patch is available. Restrict access to the vulnerable module to minimize the risk of exploitation. Avoid using the vulnerable request.php file in the affected API endpoint until the issue is resolved.

Exploit

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2021-27312
GHSA-7MXG-R76P-363G

Affected Products

Gleez Cms