Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user can attempt to log in as another user without its password.
8.8CVSS
8.5AI Score
0.001EPSS
static_compressed_inmemory_website_callback.c in Glewlwyd through 2.6.2 allows directory traversal.
7.5CVSS
7.5AI Score
0.002EPSS