CVE-2019-25075

HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request.

Published: Aug 23, 2022
Updated: Nov 8, 2023
CVE: CVE-2019-25075
GHSA: GHSA-xc4w-28g8-vqm5
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.1
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-79
CWE-22

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)
A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
gravitee / api_management	-	1.25.3
io.gravitee.apim / gravitee-api-management	-	1.25.3

https://github.com/gravitee-io/gravitee-api-management
https://medium.com/@maxime.escourbiac/write-up-of-path-traversal-on-gravitee-io-8835941be69f
https://medium.com/%40maxime.escourbiac/write-up-of-path-traversal-on-gravitee-io-8835941be69f

Vulnerability Database

289,782

CVE-2019-25075